genTimeCA(){ #csr,ca to sign with,start,end
cat <<TESTCA > timesubca.cnf
basicConstraints = CA:true
-subjectKeyIdentifier = hash
keyUsage = keyCertSign, cRLSign
+
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always
+
crlDistributionPoints=URI:http://g2.crl.cacert.org/g2/$2.crl
authorityInfoAccess = OCSP;URI:http://g2.ocsp.cacert.org,caIssuers;URI:http://g2.crt.cacert.org/$2.crt
TESTCA
STARTDATE="${year}"
-ENDDATE="$((${year} + 2))"
+ENDDATE="$((${year} + 3))"
for i in $TIME_IDX; do
point=${points[${i}]}