X-Git-Url: https://code.wpia.club/?p=nre.git;a=blobdiff_plain;f=generateKeys.sh;h=cf0fcad7a2aa7cd83b7652b2dc7617af68943fa6;hp=353acb15773b3dc47c336b7a2adc9ec154e42174;hb=c4ec3f02627ad85f5794d457936ca125ce13e506;hpb=b51fdc2141a76347d08b5938b4af47ba2f612067

diff --git a/generateKeys.sh b/generateKeys.sh
index 353acb1..cf0fcad 100755
--- a/generateKeys.sh
+++ b/generateKeys.sh
@@ -9,16 +9,22 @@ set -e
 ####### create various extensions files for the various certificate types ######
 cat <<TESTCA > ca.cnf
 basicConstraints = CA:true
-subjectKeyIdentifier = hash
 keyUsage = keyCertSign, cRLSign
+
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always
+
 crlDistributionPoints=URI:http://g2.crl.cacert.org/g2/root.crl
 authorityInfoAccess = OCSP;URI:http://g2.ocsp.cacert.org,caIssuers;URI:http://g2.crt.cacert.org/root.crt
 TESTCA
 
 cat <<TESTCA > subca.cnf
 basicConstraints = CA:true
-subjectKeyIdentifier = hash
 keyUsage = keyCertSign, cRLSign
+
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always
+
 crlDistributionPoints=URI:http://g2.crl.cacert.org/g2/root.crl
 authorityInfoAccess = OCSP;URI:http://g2.ocsp.cacert.org,caIssuers;URI:http://g2.crt.cacert.org/root.crt
 TESTCA