arif/xcat-core
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Backdate the CA certificate itself

Browse Source
This commit is contained in:
Jarrod Johnson 2014-04-11 14:13:08 -04:00
parent c1e873d37f
commit 6e7009e9e6
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
xCAT-server/share/xcat/scripts/setup-xcat-ca.sh
View File

@ -30,5 +30,9 @@ sed -e "s@##XCATCADIR##@$XCATCADIR@" $XCATROOT/share/xcat/ca/openssl.cnf.tmpl >
cp $XCATROOT/share/xcat/ca/Makefile $XCATCADIR/
cd $XCATCADIR
make init
openssl req -nodes -config openssl.cnf -days 7300 -x509 -newkey rsa:2048 -out ca-cert.pem -extensions v3_ca -outform PEM -subj /CN="$CNA"
#openssl req -nodes -config openssl.cnf -days 7300 -x509 -newkey rsa:2048 -out ca-cert.pem -extensions v3_ca -outform PEM -subj /CN="$CNA"
openssl genrsa -out private/ca-key.pem 2048
chmod 600 private/ca-key.pem
openssl req -new -key private/ca-key.pem -config openssl.cnf -out ca-req.csr -subj /CN="$CNA" -outform PEM
openssl ca -selfsign -keyfile private/ca-key.pem -in ca-req.csr -startdate 19700101010101Z -days 7305 -extensions v3_ca -config openssl.cnf -out ca-cert.pem
cd -