mirror of
https://github.com/nodejs/node.git
synced 2024-11-30 07:27:22 +01:00
3beb880716
When client connect to the server with certification issued by either CNNIC Root CA or CNNIC EV Root CA, check hash of server certification in the list of CNNICHashWhitelist.inc. If it's not, CERT_REVOKED error returns. See for details in https://blog.mozilla.org/security/2015/04/02/distrusting-new-cnnic-certificates/ PR-URL: https://github.com/nodejs/io.js/pull/1895 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
20 lines
483 B
INI
20 lines
483 B
INI
[ req ]
|
|
default_bits = 2048
|
|
days = 999
|
|
distinguished_name = req_distinguished_name
|
|
attributes = req_attributes
|
|
prompt = no
|
|
output_password = password
|
|
x509_extensions = v3_ca
|
|
|
|
[ req_distinguished_name ]
|
|
C = CN
|
|
O = CNNIC
|
|
CN = CNNIC ROOT
|
|
|
|
[ req_attributes ]
|
|
challengePassword = A challenge password
|
|
|
|
[ v3_ca ]
|
|
basicConstraints = CA:TRUE
|