Du kannst nicht mehr als 25 Themen auswählen
Themen müssen entweder mit einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.
40 Zeilen
1.1 KiB
Bash
40 Zeilen
1.1 KiB
Bash
openssl req -x509 -newkey rsa:2048 -out ca.crt -keyout ca.key -days 1000
|
|
echo 01 > ca.srl
|
|
touch ca.idx
|
|
mkdir signed
|
|
cat << EOF >> ca.cnf
|
|
[ ca ]
|
|
default_ca = ca_default
|
|
|
|
[ ca_default ]
|
|
certificate = ca.crt
|
|
private_key = ca.key
|
|
serial = ca.srl
|
|
database = ca.idx
|
|
new_certs_dir = signed
|
|
default_md = default
|
|
policy = policy_ipxe
|
|
preserve = yes
|
|
default_days = 90
|
|
unique_subject = no
|
|
|
|
[ policy_ipxe ]
|
|
commonName = ipxe.ca
|
|
countryName = match
|
|
stateOrProvinceName = match
|
|
organizationName = match
|
|
organizationalUnitName = optional
|
|
commonName = optional
|
|
emailAddress = optional
|
|
|
|
[ cross ]
|
|
basicConstraints = critical,CA:true
|
|
keyUsage = critical,cRLSign,keyCertSign
|
|
|
|
[ codesigning ]
|
|
keyUsage = digitalSignature
|
|
extendedKeyUsage = codeSigning
|
|
EOF
|
|
|
|
openssl req -newkey rsa -keyout codesign.key -out codesign.req
|
|
openssl ca -config ca.cnf -extensions codesigning -in codesign.req -out codesign.crt |