move generated to own folder + permissions

[nre.git] / generateInfra.sh

diff --git a/generateInfra.sh b/generateInfra.sh
index bd1b872483998c36c2f40e1e560fea9135ed2a3c..012e6b70feb8e63c87c0f5d2d96bdf78351e3815 100755 (executable)
--- a/generateInfra.sh
+++ b/generateInfra.sh
@@ -8,16 +8,19 @@ year=$1
 . structure
 . commonFunctions
 
+cd generated
+
 CRL="
-crlDistributionPoints=URI:http://g2.crl.cacert.org/g2/$year/env.crl
-authorityInfoAccess = OCSP;URI:http://g2.ocsp.cacert.org,caIssuers;URI:http://g2.crt.cacert.org/$year/env.crt"
+crlDistributionPoints=URI:http://g2.crl.${DOMAIN}/g2/$year/env-1.crl
+authorityInfoAccess = OCSP;URI:http://g2.ocsp.${DOMAIN},caIssuers;URI:http://g2.crt.${DOMAIN}/g2/$year/env-1.crt"
 
 cat <<TESTCA > req.cnf
 basicConstraints = critical,CA:false
 keyUsage = keyEncipherment, digitalSignature
 extendedKeyUsage=serverAuth
+
 subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always,issuer:always
+authorityKeyIdentifier = keyid:always
 $CRL
 TESTCA
 
@@ -25,8 +28,9 @@ cat <<TESTCA > reqClient.cnf
 basicConstraints = critical,CA:false
 keyUsage = keyEncipherment, digitalSignature
 extendedKeyUsage=clientAuth
+
 subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always,issuer:always
+authorityKeyIdentifier = keyid:always
 $CRL
 TESTCA
 
@@ -34,8 +38,9 @@ cat <<TESTCA > reqMail.cnf
 basicConstraints = critical,CA:false
 keyUsage = keyEncipherment, digitalSignature
 extendedKeyUsage=emailProtection
+
 subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always,issuer:always
+authorityKeyIdentifier = keyid:always
 $CRL
 TESTCA