From 488a3ce24b69b9db6c952b3053efbd64b64cfaba Mon Sep 17 00:00:00 2001
From: hwang <470981832@qq.com>
Date: Mon, 30 Sep 2024 02:54:31 +0000
Subject: [PATCH] fix -h option. fix extensions of root ca.

---
 .gitignore    |  3 ++-
 issue-root.sh | 11 +++++------
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/.gitignore b/.gitignore
index 0d313d1..1d81e76 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
 *.key
-*.crt
\ No newline at end of file
+*.crt
+*.pem
\ No newline at end of file
diff --git a/issue-root.sh b/issue-root.sh
index f542731..4320251 100755
--- a/issue-root.sh
+++ b/issue-root.sh
@@ -4,7 +4,7 @@ RSA_OPTS="-newkey rsa:2048 -sha256"
 ECDSA_OPTS="-newkey ec -pkeyopt ec_paramgen_curve:secp384r1 -sha384"
 
  
-while getopts ":h:t:n:d:s:" opt; do
+while getopts ":ht:n:d:s:" opt; do
   case $opt in
     h)
       echo "Usage:  -t rsa|ec -n <name> -d <days>"
@@ -36,8 +36,7 @@ while getopts ":h:t:n:d:s:" opt; do
   esac
 done
 
-openssl req -x509 -batch $NEWKEY_OPT $DAYS_OPT "${NAME_OPT[@]}" "${SUBJECT_OPT[@]}" \
-    -addext "subjectKeyIdentifier=hash" \
-    -addext "authorityKeyIdentifier=keyid:always,issuer" \
-    -addext "basicConstraints=critical,CA:true" \
-    -addext "keyUsage=critical,keyCertSign,cRLSign" \
\ No newline at end of file
+openssl req -x509 -batch $NEWKEY_OPT $DAYS_OPT "${NAME_OPT[@]}" "${SUBJECT_OPT[@]}" -addext "keyUsage=critical,keyCertSign,cRLSign"
+#    -addext "subjectKeyIdentifier=hash" \
+#    -addext "authorityKeyIdentifier=keyid:always,issuer" \
+#    -addext "basicConstraints=critical,CA:true" \
\ No newline at end of file