Author: Paolo Lulli <paolo@lulli.net>
TODO:add v3 SAN (Subject Alternative Names) informations
iron/libexec/iron/iron-certificate | 3 +++
diff --git a/iron/libexec/iron/iron-certificate b/iron/libexec/iron/iron-certificate index 146fc1c7717911b80415b842e2011023d76c3fc3..d0ad3add0782e95a72dbacf1c5311969766cd466 100755 --- a/iron/libexec/iron/iron-certificate +++ b/iron/libexec/iron/iron-certificate @@ -18,6 +18,9 @@ client=$(basename $csrfile | sed -e 's/.csr$//') CLIENT_CERTPATH=$RCDIR/$service/certs CP=$CLIENT_CERTPATH/$client test -d ${CP} || mkdir -p ${CP} +# TODO: add v3 extension +# https://stackoverflow.com/questions/18233835/creating-an-x509-v3-user-certificate-by-signing-csr +# https://medium.com/@tbusser/creating-a-browser-trusted-self-signed-ssl-certificate-2709ce43fd15 openssl x509 -req -days 365 -CA $CAPATH/ca.crt -CAkey $CAPATH/ca.key -CAcreateserial -in $csrfile -out $CP/$client.crt }