mirror of
https://github.com/brunoos/luasec.git
synced 2024-12-28 13:28:21 +01:00
8bcabff0c1
- Use 2048 bit keys (required for modern OpenSSL) - Use SHA256 instead of SHA1 (required for modern OpenSSL) - Add a SubjectAltName to be able to trigger certain edge-cases - Add all.sh to conveniently re-generate certificates
13 lines
419 B
Bash
Executable File
13 lines
419 B
Bash
Executable File
#!/bin/sh
|
|
|
|
openssl req -newkey rsa:2048 -sha256 -keyout clientAkey.pem -out clientAreq.pem \
|
|
-nodes -config ./clientA.cnf -days 365 -batch
|
|
|
|
openssl x509 -req -in clientAreq.pem -sha256 -extfile ./clientA.cnf \
|
|
-extensions usr_cert -CA rootA.pem -CAkey rootAkey.pem -CAcreateserial \
|
|
-out clientAcert.pem -days 365
|
|
|
|
cat clientAcert.pem rootA.pem > clientA.pem
|
|
|
|
openssl x509 -subject -issuer -noout -in clientA.pem
|