Preserve v3 extensions when signing x.509 certificates - this is necessary for Subject Alternative Names to survive
This commit is contained in:
parent
954124ac56
commit
44c7f61e3d
1 changed files with 1 additions and 1 deletions
|
@ -4,4 +4,4 @@ if ! [[ -r $1 ]]; then
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
ca=/etc/ssl/$HOST/root
|
ca=/etc/ssl/$HOST/root
|
||||||
sudo openssl x509 -req -CA $ca.crt -CAkey $ca.key -CAcreateserial -sha256 -days 30 -in $1 -out ${1:r}.crt
|
sudo openssl x509 -req -CA $ca.crt -CAkey $ca.key -CAcreateserial -sha256 -days 30 -extensions v3_req -extfile /usr/local/etc/openssl/openssl.cnf -in $1 -out ${1:r}.crt
|
||||||
|
|
Loading…
Reference in a new issue