Add v3_ca extension when generating CA.
This commit is contained in:
parent
6a0f7712b0
commit
1d294c2463
2 changed files with 6 additions and 0 deletions
|
@ -29,6 +29,11 @@ emailAddress = supplied
|
|||
default_bits = 2048
|
||||
distinguished_name = req_distinguished_name
|
||||
|
||||
[ v3_ca ]
|
||||
subjectKeyIdentifier=hash
|
||||
authorityKeyIdentifier=keyid:always,issuer:always
|
||||
basicConstraints = CA:true
|
||||
|
||||
[ req_distinguished_name ]
|
||||
countryName = Country Name (2 letter code)
|
||||
countryName_default = FR
|
||||
|
|
|
@ -35,6 +35,7 @@ $OPENSSL genrsa -out $PREFIX/ca/private.key 2048
|
|||
$OPENSSL req \
|
||||
-config $CONFFILE \
|
||||
-new -x509 -days 3650 \
|
||||
-extensions v3_ca \
|
||||
-keyout $PREFIX/ca/private.key \
|
||||
-out $PREFIX/ca/cacert.pem
|
||||
|
||||
|
|
Loading…
Add table
Reference in a new issue