2257b8bbed
Original validator checked for domain labels as defined by RFC1034, however real internet deals with other domains as well - starting with digits or symbols. This change allows modifying the pattern to allow custom / relaxed rules. Validation has been removed from adding a domain to a new extension, since it's only used in fixups and the domain should be already validated. (or not, if not configured) Closes-bug: 1592489 Change-Id: Ib453054ba5f554bab28cff392c539e713fa28918
37 lines
732 B
JSON
37 lines
732 B
JSON
{
|
|
"authentication": {
|
|
"method_1": {
|
|
"backend": "static",
|
|
"secret": "simplepassword",
|
|
"user": "myusername"
|
|
}
|
|
},
|
|
"signing_ca": {
|
|
"local": {
|
|
"backend": "anchor",
|
|
"cert_path": "CA/root-ca.crt",
|
|
"key_path": "CA/root-ca-unwrapped.key",
|
|
"output_path": "certs",
|
|
"signing_hash": "sha256",
|
|
"valid_hours": 24
|
|
}
|
|
},
|
|
"registration_authority": {
|
|
"default": {
|
|
"authentication": "method_1",
|
|
"signing_ca": "local",
|
|
"validators": {
|
|
"standards_compliance": {
|
|
"label_re": "^[a-z](?:[-a-z0-9]*[a-z0-9])?$"
|
|
},
|
|
"source_cidrs": {
|
|
"cidrs": ["127.0.0.0/8"]
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"audit": {
|
|
"target": "log"
|
|
}
|
|
}
|