]> WPIA git - nre.git/blobdiff - generateKeys
projects / nre.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
upd: generic OCSP profile for correct OCSP certs
[nre.git] / generateKeys
diff --git a/generateKeys b/generateKeys
index 23429cb845f53d8bdbdbd731ad9dfada0b6f0e2b..09a93ba930b65a33d95e80d4f640fa3ffa9ea1eb 100755 (executable)
--- a/generateKeys
+++ b/generateKeys
@@ -24,10 +24,10 @@ TESTCA
 rootSign(){ # csr
     POLICY=ca.cnf
     if [[ "$1" != "root" ]] ; then
-       KNAME=$1
-       POLICY=subca.cnf
-       . ../CAs/${KNAME}
-       cat <<TESTCA > subca.cnf
+        KNAME=$1
+        POLICY=subca.cnf
+        . ../CAs/${KNAME}
+        cat <<TESTCA > subca.cnf
 
 basicConstraints =critical, CA:true
 keyUsage =critical, keyCertSign, cRLSign
@@ -51,18 +51,15 @@ TESTCA
 
 
 # Generate the super Root CA
-genca "/CN=Cacert-gigi testCA" root
+genca "/CN=$APPNAME Root Certificate" root
 #echo openssl x509 -req $ROOT_VALIDITY -in root.ca/key.csr -signkey root.ca/key.key -out root.ca/key.crt -extfile ca.cnf
 rootSign root
 
 # generate the various sub-CAs
-for ca in $STRUCT_CAS; do
+for ca in "${STRUCT_CAS[@]}"; do
     . ../CAs/$ca
-    genca "/CN=$name" $ca
+    genca "/CN=$APPNAME $name Intermediate Certificate" $ca
     rootSign $ca
 done
 
 rm ca.cnf subca.cnf
-
-
-
WPIA Root Certificate Generation Procedure