|
128 |
|
128 |
|
129 |
[ req ] |
129 |
[ req ] |
130 |
|
130 |
|
131 |
default_bits = 1024 |
131 |
default_bits = 2048 |
132 |
default_keyfile = privkey.pem |
132 |
default_keyfile = privkey.pem |
133 |
distinguished_name = req_distinguished_name |
133 |
distinguished_name = req_distinguished_name |
134 |
attributes = req_attributes |
134 |
attributes = req_attributes |
|
278 |
# make the root-CA configuration file |
278 |
# make the root-CA configuration file |
279 |
mk_config openssl.cnf "$PASSWD" "$DEFAULT_DAYS" "$ssl_common" |
279 |
mk_config openssl.cnf "$PASSWD" "$DEFAULT_DAYS" "$ssl_common" |
280 |
|
280 |
|
281 |
openssl genrsa -des3 -passout pass:"$PASSWD" -out "${CA}/private/CAkey.pem" 1024 |
281 |
openssl genrsa -des3 -passout pass:"$PASSWD" -out "${CA}/private/CAkey.pem" 2048 |
282 |
yes '' | openssl req -config openssl.cnf -new -x509 -days "$DEFAULT_DAYS" -key "${CA}/private/CAkey.pem" -out "${CA}/CAcert.pem" |
282 |
yes '' | openssl req -config openssl.cnf -new -x509 -days "$DEFAULT_DAYS" -key "${CA}/private/CAkey.pem" -out "${CA}/CAcert.pem" |
283 |
|
283 |
|
284 |
# copy the public key to a place, from where browsers can access it |
284 |
# copy the public key to a place, from where browsers can access it |