Index: mnet/lib.php
===================================================================
RCS file: /cvsroot/moodle/moodle/mnet/lib.php,v
retrieving revision 1.36
diff -u -r1.36 lib.php
--- mnet/lib.php	3 Aug 2009 07:38:17 -0000	1.36
+++ mnet/lib.php	11 Sep 2009 09:18:17 -0000
@@ -386,14 +386,22 @@
 
     // ensure we remove trailing slashes
     $dn["commonName"] = preg_replace(':/$:', '', $dn["commonName"]);
-
-    $new_key = openssl_pkey_new();
+    if (!empty($CFG->opensslcnf)) { //allow specification of openssl.cnf especially for Windows installs
+        $new_key = openssl_pkey_new(array("config" => $CFG->opensslcnf));
+    } else {
+        $new_key = openssl_pkey_new();
+    }
     if ($new_key === false) {
         // can not generate keys - missing openssl.cnf??
         return null;
     }
-    $csr_rsc = openssl_csr_new($dn, $new_key, array('private_key_bits',2048));
-    $selfSignedCert = openssl_csr_sign($csr_rsc, null, $new_key, $days);
+    if (!empty($CFG->opensslcnf)) { //allow specification of openssl.cnf especially for Windows installs
+        $csr_rsc = openssl_csr_new($dn, $new_key, array("config" => $CFG->opensslcnf));
+        $selfSignedCert = openssl_csr_sign($csr_rsc, null, $new_key, $days, array("config" => $CFG->opensslcnf));
+    } else {
+        $csr_rsc = openssl_csr_new($dn, $new_key, array('private_key_bits',2048));
+        $selfSignedCert = openssl_csr_sign($csr_rsc, null, $new_key, $days);
+    }
     unset($csr_rsc); // Free up the resource
 
     // We export our self-signed certificate to a string.
@@ -402,7 +410,11 @@
 
     // Export your public/private key pair as a PEM encoded string. You
     // can protect it with an optional passphrase if you wish.
-    $export = openssl_pkey_export($new_key, $keypair['keypair_PEM'] /* , $passphrase */);
+    if (!empty($CFG->opensslcnf)) { //allow specification of openssl.cnf especially for Windows installs
+        $export = openssl_pkey_export($new_key, $keypair['keypair_PEM'], null, array("config" => $CFG->opensslcnf));
+    } else {
+        $export = openssl_pkey_export($new_key, $keypair['keypair_PEM'] /* , $passphrase */);
+    }
     openssl_pkey_free($new_key);
     unset($new_key); // Free up the resource