aboutsummaryrefslogtreecommitdiff
path: root/genpki.sh
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2022-01-03 23:47:55 +0100
committerAlex Auvolat <alex@adnab.me>2022-01-03 23:47:55 +0100
commit143683ed2da5f537a7586b7263e648403b18ed17 (patch)
tree6549cd1a1988a16e952d39f32869a68b8b2a8c28 /genpki.sh
parent1ade671f964516976151ab8b2e8dc6027aa9e73f (diff)
downloadnixcfg-143683ed2da5f537a7586b7263e648403b18ed17.tar.gz
nixcfg-143683ed2da5f537a7586b7263e648403b18ed17.zip
Add cron job to clean up stuff; fix genpki
Diffstat (limited to 'genpki.sh')
-rwxr-xr-xgenpki.sh14
1 files changed, 8 insertions, 6 deletions
diff --git a/genpki.sh b/genpki.sh
index be10f6f..0ee6331 100755
--- a/genpki.sh
+++ b/genpki.sh
@@ -45,7 +45,8 @@ O = Deuxfleurs
CN = $APP
[v3_req]
-keyUsage = keyEncipherment, keyCertSign, dataEncipherment, serverAuth, clientAuth
+keyUsage = keyEncipherment, keyCertSign, dataEncipherment
+extendedKeyUsage = serverAuth, clientAuth
subjectAltName = @alt_names
[alt_names]
@@ -85,7 +86,8 @@ O = Deuxfleurs
CN = $APP-client
[v3_req]
-keyUsage = keyEncipherment, keyCertSign, dataEncipherment, clientAuth
+keyUsage = keyEncipherment, keyCertSign, dataEncipherment
+extendedKeyUsage = clientAuth
subjectAltName = @alt_names
[alt_names]
@@ -97,8 +99,8 @@ EOF
rm $CERT-client.csr
fi
- if [ ! -f $CERT-client.p12 ]; then
- openssl pkcs12 -export -out $CERT-client.p12 \
- -in $APP-ca.pem -in $CERT-client.crt -inkey $CERT-client.key
- fi
+ #if [ ! -f $CERT-client.p12 ]; then
+ # openssl pkcs12 -export -out $CERT-client.p12 \
+ # -in $APP-ca.pem -in $CERT-client.crt -inkey $CERT-client.key
+ #fi
done