From 67affd3aa4827b70b2fa04d287faf65d8315f6fd Mon Sep 17 00:00:00 2001
From: Patrick
Date: Fri, 15 Nov 2024 18:50:18 +0100
Subject: [PATCH] ca fixes for SAN
---
 configs/scripts/ca.sh | 2 +-
 resources/ca.cnf | 16 ++++++++++++++++
 2 files changed, 17 insertions(+), 1 deletion(-)
 create mode 100644 resources/ca.cnf
diff --git a/configs/scripts/ca.sh b/configs/scripts/ca.sh
index 24ef801..bbde892 100755
--- a/configs/scripts/ca.sh
+++ b/configs/scripts/ca.sh
@@ -10,7 +10,7 @@ openssl genrsa -out /root/ca.key 2048
 chmod 400 /root/ca.key
 mkdir -p /etc/ssl/certs/
 mkdir -p /etc/ssl/private/
-openssl req -x509 -new -nodes -key /root/ca.key -sha256 -days 1024 -out /etc/ssl/certs/ca.crt -subj '/C=CH/ST=Zurich/L=Zurich/O=InterstellarNet/OU=NONE/CN=INTERSTELLAR' -extensions v3_ca
+openssl req -x509 -new -nodes -key /root/ca.key -sha256 -days 1024 -out /etc/ssl/certs/ca.crt -config /mnt/root/openssl.cnf -extensions v3_ca
 cp /etc/ssl/certs/ca.crt /root
 cp /etc/ssl/certs/ca.crt /usr/local/share/ca-certificates/
 chown -R www-data:www-data /etc/ssl/private/
diff --git a/resources/ca.cnf b/resources/ca.cnf
new file mode 100644
index 0000000..ab21ae1
--- /dev/null
+++ b/resources/ca.cnf
@@ -0,0 +1,16 @@
+[ req ]
+default_bits = 4096
+distinguished_name = req_distinguished_name
+req_extensions = req_ext
+prompt = no
+
+[ req_distinguished_name ]
+C = CH
+ST = Zurich
+L = Zurich
+O = InterstellarNet
+OU = NONE
+CN = INTERSTELLAR
+
+[ req_ext ]
+subjectAltName = @alt_names
\ No newline at end of file
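Review bot: The `-config /mnt/root/openssl.cnf` path on the new `openssl req` line does not match the file this commit adds (`resources/ca.cnf`), and nothing visible in the patch copies or renames it, so the command may read a different config than intended, or none. The subject DN used to be passed inline with `-subj` and now comes only from that file, so a missing or wrong file means the CA certificate is not created or gets an unintended subject. The `cp` lines that follow would then act on a missing or stale `ca.crt`, unless the script runs under `set -e`, which is outside this hunk. I would guard the call with `[ -r /mnt/root/openssl.cnf ] || { echo 'CA config missing' >&2; exit 1; }` and confirm where the file is deployed.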
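Review bot: `[ req_ext ]` references `@alt_names`, but the file defines no `[ alt_names ]` section, and it has no `[ v3_ca ]` section even though ca.sh calls `openssl req -x509 ... -extensions v3_ca`. If this is the file passed via `-config`, OpenSSL has no such section to load and certificate generation should fail. `req_extensions` also applies to CSRs only; with `-x509` the extensions come from `x509_extensions` or the `-extensions` argument, so `req_ext` would not add the SAN to the certificate anyway. For a CA certificate I would add at least `[ v3_ca ]`, `basicConstraints = critical, CA:TRUE` and `keyUsage = critical, keyCertSign, cRLSign`, and either define `[ alt_names ]` or drop the reference. `default_bits = 4096` has no effect here because ca.sh supplies an existing 2048-bit key with `-key`.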