Page History
...
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
# Specify key name used for file names key_name=signing # Step 1 - Generate Private Key and Certificate Signing Request openssl req -new -sha256 -config <(cat openssl-cert.config <(printf "\n[SAN]\nnsCertType = objsign\nkeyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment\n\nextendedKeyUsage = critical, codeSigning\n\nsubjectKeyIdentifier = hash\n")) \ -keynodes -keyout ${key_name}.key -out ${key_name}.csr # Step 2 - Generate and sign the Signing Certificate openssl x509 -req \ -in ${key_name}.csr \ -CA signing-ca.crt \ -CAkey signing-ca.key \ -CAcreateserial \ -out ${key_name}.crt -days 7300 \ -extfile <(printf 'nsCertType = objsign\nkeyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment\n\n\nextendedKeyUsage = critical, codeSigning\n\nsubjectKeyIdentifier = hash\n' "${key_name}") |
...
Overview
Content Tools