Code Review
/
aaf
/
authz.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
Merge "Improvements of Certs creation scripts"
[aaf/authz.git]
/
conf
/
CA
/
newIntermediate.sh
diff --git
a/conf/CA/newIntermediate.sh
b/conf/CA/newIntermediate.sh
index
88b524b
..
b548dd4
100644
(file)
--- a/
conf/CA/newIntermediate.sh
+++ b/
conf/CA/newIntermediate.sh
@@
-13,6
+13,8
@@
mkdir -p $DIR/private $DIR/certs $DIR/newcerts
chmod 700 $DIR/private
chmod 755 $DIR/certs $DIR/newcerts
touch $DIR/index.txt
chmod 700 $DIR/private
chmod 755 $DIR/certs $DIR/newcerts
touch $DIR/index.txt
+echo "unique_subject = no" > $DIR/index.txt.attr
+
if [ ! -e $DIR/serial ]; then
echo '01' > $DIR/serial
fi
if [ ! -e $DIR/serial ]; then
echo '01' > $DIR/serial
fi
@@
-39,18
+41,18
@@
echo $SUBJECT
$PASSPHRASE
EOF
$PASSPHRASE
EOF
- chmod 400 $DIR/private/
$CN.key
+ chmod 400 $DIR/private/
ca.key
openssl req -verify -text -noout -in $DIR/$CN.csr
# Sign it
openssl ca -config openssl.conf -extensions v3_intermediate_ca \
openssl req -verify -text -noout -in $DIR/$CN.csr
# Sign it
openssl ca -config openssl.conf -extensions v3_intermediate_ca \
- -cert certs/ca.crt -keyfile private/ca.key -out $DIR/certs/ca.crt \
+ -days 1826 \
+ -cert certs/ca.crt -keyfile private/ca.key -out $DIR/certs/ca.crt \
-infiles $DIR/$CN.csr
-infiles $DIR/$CN.csr
- openssl x509 -text -noout -in $DIR/certs/ca.crt
-
+ openssl x509 -text -noout -in $DIR/certs/ca.crt
-
openssl verify -CAfile certs/ca.crt $DIR/certs/ca.crt
+ openssl verify -CAfile certs/ca.crt $DIR/certs/ca.crt
# Create a Signer p12 script
# Create a Signer p12 script