mirror of
https://github.com/brunoos/luasec.git
synced 2024-12-28 13:28:21 +01:00
8bcabff0c1
- Use 2048 bit keys (required for modern OpenSSL) - Use SHA256 instead of SHA1 (required for modern OpenSSL) - Add a SubjectAltName to be able to trigger certain edge-cases - Add all.sh to conveniently re-generate certificates
13 lines
414 B
Bash
Executable File
13 lines
414 B
Bash
Executable File
#!/bin/sh
|
|
|
|
openssl req -newkey rsa:2048 -keyout serverAkey.pem -out serverAreq.pem \
|
|
-config ./serverA.cnf -nodes -days 365 -batch
|
|
|
|
openssl x509 -req -in serverAreq.pem -sha256 -extfile ./serverA.cnf \
|
|
-extensions usr_cert -CA rootA.pem -CAkey rootAkey.pem -CAcreateserial \
|
|
-out serverAcert.pem -days 365
|
|
|
|
cat serverAcert.pem rootA.pem > serverA.pem
|
|
|
|
openssl x509 -subject -issuer -noout -in serverA.pem
|