ca fixes for SAN
This commit is contained in:
parent
7d06d12c82
commit
67affd3aa4
2 changed files with 17 additions and 1 deletions
|
@ -10,7 +10,7 @@ openssl genrsa -out /root/ca.key 2048
|
||||||
chmod 400 /root/ca.key
|
chmod 400 /root/ca.key
|
||||||
mkdir -p /etc/ssl/certs/
|
mkdir -p /etc/ssl/certs/
|
||||||
mkdir -p /etc/ssl/private/
|
mkdir -p /etc/ssl/private/
|
||||||
openssl req -x509 -new -nodes -key /root/ca.key -sha256 -days 1024 -out /etc/ssl/certs/ca.crt -subj '/C=CH/ST=Zurich/L=Zurich/O=InterstellarNet/OU=NONE/CN=INTERSTELLAR' -extensions v3_ca
|
openssl req -x509 -new -nodes -key /root/ca.key -sha256 -days 1024 -out /etc/ssl/certs/ca.crt -config /mnt/root/openssl.cnf -extensions v3_ca
|
||||||
cp /etc/ssl/certs/ca.crt /root
|
cp /etc/ssl/certs/ca.crt /root
|
||||||
cp /etc/ssl/certs/ca.crt /usr/local/share/ca-certificates/
|
cp /etc/ssl/certs/ca.crt /usr/local/share/ca-certificates/
|
||||||
chown -R www-data:www-data /etc/ssl/private/
|
chown -R www-data:www-data /etc/ssl/private/
|
||||||
|
|
16
resources/ca.cnf
Normal file
16
resources/ca.cnf
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
[ req ]
|
||||||
|
default_bits = 4096
|
||||||
|
distinguished_name = req_distinguished_name
|
||||||
|
req_extensions = req_ext
|
||||||
|
prompt = no
|
||||||
|
|
||||||
|
[ req_distinguished_name ]
|
||||||
|
C = CH
|
||||||
|
ST = Zurich
|
||||||
|
L = Zurich
|
||||||
|
O = InterstellarNet
|
||||||
|
OU = NONE
|
||||||
|
CN = INTERSTELLAR
|
||||||
|
|
||||||
|
[ req_ext ]
|
||||||
|
subjectAltName = @alt_names
|
Loading…
Reference in a new issue