chmod 700 $DIR/private
chmod 755 $DIR/certs $DIR/newcerts
touch $DIR/index.txt
+echo "unique_subject = no" > $DIR/index.txt.attr
+
if [ ! -e $DIR/serial ]; then
echo '01' > $DIR/serial
fi
# Sign it
openssl ca -config openssl.conf -extensions v3_intermediate_ca \
- -cert certs/ca.crt -keyfile private/ca.key -out $DIR/certs/ca.crt \
+ -days 1826 \
+ -cert certs/ca.crt -keyfile private/ca.key -out $DIR/certs/ca.crt \
-infiles $DIR/$CN.csr
openssl x509 -text -noout -in $DIR/certs/ca.crt