#This bit doesn't work for some reason, it complains about xmppAddr already existing, but then generates errors below because it doesn't exist, so fuck it, magic number.
#oid_section             = new_oids
#[ new_oids ]
# RFC 6120 section 13.7.1.4 defines this OID
#xmppAddr = 1.3.6.1.5.5.7.8.5

[ req ]

default_bits            = 2048
distinguished_name      = distinguished_name
req_extensions          = v3_extensions
x509_extensions         = v3_extensions

# don't ask about the DN
prompt = no

[ distinguished_name ]

countryName                     = AU
stateOrProvinceName             = TAS

commonName                      = rakka.au

[ v3_extensions ]

# for certificate requests (req_extensions)
# and self-signed certificates (x509_extensions)

keyUsage                        = digitalSignature,keyEncipherment
extendedKeyUsage = serverAuth
subjectAltName                  = @subject_alternative_name

[ subject_alternative_name ]

DNS.0 = rakka.au
otherName.0 = 1.3.6.1.5.5.7.8.5;UTF8:rakka.au

#Append the following for a server which handles multiple domain names:
DNS.1 = harpy.faith
otherName.1 = 1.3.6.1.5.5.7.8.5;UTF8:harpy.faith
DNS.2 = botegirl.parts
otherName.2 = 1.3.6.1.5.5.7.8.5;UTF8:botegirl.parts

DNS.3 = *.rakka.au
otherName.3 = 1.3.6.1.5.5.7.8.5;UTF8:*.rakka.au
DNS.4 = *.harpy.faith
otherName.4 = 1.3.6.1.5.5.7.8.5;UTF8:*.harpy.faith
DNS.5 = *.botegirl.parts
otherName.5 = 1.3.6.1.5.5.7.8.5;UTF8:*.botegirl.parts