HOSTNAME env for Install

[aaf/authz.git] / conf / CA / newIntermediate.sh

diff --git a/conf/CA/newIntermediate.sh b/conf/CA/newIntermediate.sh
index 88b524b..b548dd4 100644 (file)
--- a/conf/CA/newIntermediate.sh
+++ b/conf/CA/newIntermediate.sh
@@ -13,6 +13,8 @@ mkdir -p $DIR/private $DIR/certs $DIR/newcerts
 chmod 700 $DIR/private
 chmod 755 $DIR/certs $DIR/newcerts
 touch $DIR/index.txt
+echo "unique_subject = no" > $DIR/index.txt.attr
+
 if [ ! -e $DIR/serial ]; then
   echo '01' > $DIR/serial
 fi
@@ -39,18 +41,18 @@ echo $SUBJECT
 $PASSPHRASE
 EOF
 
-  chmod 400 $DIR/private/$CN.key 
+  chmod 400 $DIR/private/ca.key
   openssl req -verify -text -noout -in $DIR/$CN.csr
 
   # Sign it
   openssl ca -config openssl.conf -extensions v3_intermediate_ca \
-     -cert certs/ca.crt -keyfile private/ca.key -out $DIR/certs/ca.crt \
+       -days 1826 \
+  -cert certs/ca.crt -keyfile private/ca.key -out $DIR/certs/ca.crt \
        -infiles $DIR/$CN.csr
 
-    openssl x509 -text -noout -in $DIR/certs/ca.crt
-
+   openssl x509 -text -noout -in $DIR/certs/ca.crt
 
-     openssl verify -CAfile certs/ca.crt $DIR/certs/ca.crt
+   openssl verify -CAfile certs/ca.crt $DIR/certs/ca.crt
 
 
 # Create a Signer p12 script