]> WPIA git - nre.git/blobdiff - generateKeys.sh
projects / nre.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
upd: find libfaketime platform independently
[nre.git] / generateKeys.sh
diff --git a/generateKeys.sh b/generateKeys.sh
index 4dd87a2bbc1fd16b7bc0e8b15f5c80945625cfef..d5d4750d30cb57d6f43f66f86b418a199395ac7d 100755 (executable)
--- a/generateKeys.sh
+++ b/generateKeys.sh
@@ -5,6 +5,8 @@ set -e
 . structure
 . commonFunctions
 
+mkdir -p generated
+cd generated
 
 ####### create various extensions files for the various certificate types ######
 cat <<TESTCA > ca.cnf
@@ -14,8 +16,8 @@ keyUsage = keyCertSign, cRLSign
 subjectKeyIdentifier = hash
 authorityKeyIdentifier = keyid:always
 
-crlDistributionPoints=URI:http://g2.crl.cacert.org/g2/root.crl
-authorityInfoAccess = OCSP;URI:http://g2.ocsp.cacert.org,caIssuers;URI:http://g2.crt.cacert.org/g2/root.crt
+crlDistributionPoints=URI:http://g2.crl.${DOMAIN}/g2/root.crl
+authorityInfoAccess = OCSP;URI:http://g2.ocsp.${DOMAIN},caIssuers;URI:http://g2.crt.${DOMAIN}/g2/root.crt
 TESTCA
 
 cat <<TESTCA > subca.cnf
@@ -25,8 +27,8 @@ keyUsage = keyCertSign, cRLSign
 subjectKeyIdentifier = hash
 authorityKeyIdentifier = keyid:always
 
-crlDistributionPoints=URI:http://g2.crl.cacert.org/g2/root.crl
-authorityInfoAccess = OCSP;URI:http://g2.ocsp.cacert.org,caIssuers;URI:http://g2.crt.cacert.org/g2/root.crt
+crlDistributionPoints=URI:http://g2.crl.${DOMAIN}/g2/root.crl
+authorityInfoAccess = OCSP;URI:http://g2.ocsp.${DOMAIN},caIssuers;URI:http://g2.crt.${DOMAIN}/g2/root.crt
 TESTCA
 
 
@@ -42,7 +44,7 @@ rootSign root
 
 # generate the various sub-CAs
 for ca in $STRUCT_CAS; do
-    . CAs/$ca
+    . ../CAs/$ca
     genca "/CN=$name" $ca
     rootSign $ca
 done
WPIA Root Certificate Generation Procedure