openssl req -new -key testca.key -out testca.csr -subj "/CN=local cacert-gigi testCA" -config selfsign.config
openssl x509 -req -days 365 -in testca.csr -signkey testca.key -out testca.crt
openssl req -new -key testca.key -out testca.csr -subj "/CN=local cacert-gigi testCA" -config selfsign.config
openssl x509 -req -days 365 -in testca.csr -signkey testca.key -out testca.crt
-openssl genrsa -out $1.key 4096
-openssl req -new -key $1.key -out $1.csr -subj "/CN=$1.cacert.local" -config selfsign.config
+openssl genrsa -out $1.key ${KEYSIZE}
+openssl req -new -key $1.key -out $1.csr -subj "/CN=$1.${DOMAIN}" -config selfsign.config
openssl ca -cert testca.crt -keyfile testca.key -in $1.csr -out $1.crt -days 356 -batch -config selfsign.config
openssl pkcs12 -inkey $1.key -in $1.crt -name $1 -export -passout pass:changeit -out $1.pkcs12
openssl ca -cert testca.crt -keyfile testca.key -in $1.csr -out $1.crt -days 356 -batch -config selfsign.config
openssl pkcs12 -inkey $1.key -in $1.crt -name $1 -export -passout pass:changeit -out $1.pkcs12