hwang/pki.sh
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix -h option.

Browse Source 
fix extensions of root ca.
This commit is contained in:
hwang
2024-09-30 02:54:31 +00:00
parent ce35031744
commit 488a3ce24b
2 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.gitignore vendored
View File

@@ -1,2 +1,3 @@
*.key *.key
*.crt *.crt
*.pem

11
issue-root.sh
View File

@@ -4,7 +4,7 @@ RSA_OPTS="-newkey rsa:2048 -sha256"
ECDSA_OPTS="-newkey ec -pkeyopt ec_paramgen_curve:secp384r1 -sha384" ECDSA_OPTS="-newkey ec -pkeyopt ec_paramgen_curve:secp384r1 -sha384"
while getopts ":h:t:n:d:s:" opt; do while getopts ":ht:n:d:s:" opt; do
case $opt in case $opt in
h) h)
echo "Usage: -t rsa|ec -n <name> -d <days>" echo "Usage: -t rsa|ec -n <name> -d <days>"
@@ -36,8 +36,7 @@ while getopts ":h:t:n:d:s:" opt; do
esac esac
done done
openssl req -x509 -batch $NEWKEY_OPT $DAYS_OPT "${NAME_OPT[@]}" "${SUBJECT_OPT[@]}" \ openssl req -x509 -batch $NEWKEY_OPT $DAYS_OPT "${NAME_OPT[@]}" "${SUBJECT_OPT[@]}" -addext "keyUsage=critical,keyCertSign,cRLSign"
-addext "subjectKeyIdentifier=hash" \ # -addext "subjectKeyIdentifier=hash" \
-addext "authorityKeyIdentifier=keyid:always,issuer" \ # -addext "authorityKeyIdentifier=keyid:always,issuer" \
-addext "basicConstraints=critical,CA:true" \ # -addext "basicConstraints=critical,CA:true" \
-addext "keyUsage=critical,keyCertSign,cRLSign" \