]> WPIA git - nre.git/blobdiff - generateTime.sh
projects / nre.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
several fixes on certificate profiles
[nre.git] / generateTime.sh
diff --git a/generateTime.sh b/generateTime.sh
index 71aa918f08ca896f6c46d9bb5e05c6ece7b223d4..08032d40723871cb8b6d5c9d946ff20d8bd9bbc3 100755 (executable)
--- a/generateTime.sh
+++ b/generateTime.sh
@@ -9,10 +9,13 @@ year=$1
 genTimeCA(){ #csr,ca to sign with,start,end
     cat <<TESTCA > timesubca.cnf
 basicConstraints = CA:true
-subjectKeyIdentifier = hash
 keyUsage = keyCertSign, cRLSign
+
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always
+
 crlDistributionPoints=URI:http://g2.crl.cacert.org/g2/$2.crl
-authorityInfoAccess = OCSP;URI:http://g2.ocsp.cacert.org,caIssuers;URI:http://g2.crt.cacert.org/$2.crt
+authorityInfoAccess = OCSP;URI:http://g2.ocsp.cacert.org,caIssuers;URI:http://g2.crt.cacert.org/g2/$2.crt
 TESTCA
     caSign $1 $2 timesubca.cnf "$3" "$4"
     rm timesubca.cnf
@@ -22,7 +25,7 @@ mkdir -p $year/ca
 
 
 STARTDATE="${year}"
-ENDDATE="$((${year} + 2))"
+ENDDATE="$((${year} + 3))"
 
 for i in $TIME_IDX; do
     point=${points[${i}]}
WPIA Root Certificate Generation Procedure