@rem Specify key name used for file names
set key_name=signing
@rem Create Certificate
set user_crt_tmp_file=user-crt-%RANDOM%.tmp
copy /Y NUL %user_crt_tmp_file%
echo keyUsage=critical,nonRepudiation,digitalSignature >> %user_crt_tmp_file%
echo extendedKeyUsage=critical,codeSigning >> %user_crt_tmp_file%
openssl x509 -req -sha512 -days 3652 ^
-signkey %key_name%.key ^
-in %key_name%.csr ^
-out %key_name%.crt ^
-extfile %user_crt_tmp_file%
del /q %user_crt_tmp_file% |