mirror of
https://github.com/brunoos/luasec.git
synced 2024-12-28 13:28:21 +01:00
8bcabff0c1
- Use 2048 bit keys (required for modern OpenSSL) - Use SHA256 instead of SHA1 (required for modern OpenSSL) - Add a SubjectAltName to be able to trigger certain edge-cases - Add all.sh to conveniently re-generate certificates
13 lines
419 B
Bash
Executable File
13 lines
419 B
Bash
Executable File
#!/bin/sh
|
|
|
|
openssl req -newkey rsa:2048 -sha256 -keyout clientBkey.pem -out clientBreq.pem \
|
|
-nodes -config ./clientB.cnf -days 365 -batch
|
|
|
|
openssl x509 -req -in clientBreq.pem -sha256 -extfile ./clientB.cnf \
|
|
-extensions usr_cert -CA rootB.pem -CAkey rootBkey.pem -CAcreateserial \
|
|
-out clientBcert.pem -days 365
|
|
|
|
cat clientBcert.pem rootB.pem > clientB.pem
|
|
|
|
openssl x509 -subject -issuer -noout -in clientB.pem
|