Commit 1139e093 authored by Leigh B. Stoller's avatar Leigh B. Stoller
Browse files

Okay, lets make our certificates good for 5 years this time around.

Maybe by then someone will figure out the CRL stuff.
parent 4fefc89d
# #
# EMULAB-COPYRIGHT # EMULAB-COPYRIGHT
# Copyright (c) 2000-2004 University of Utah and the Flux Group. # Copyright (c) 2000-2005 University of Utah and the Flux Group.
# All rights reserved. # All rights reserved.
# #
...@@ -33,7 +33,7 @@ emulab.pem: dirsmade emulab.cnf ...@@ -33,7 +33,7 @@ emulab.pem: dirsmade emulab.cnf
# Create the Certificate Authority. # Create the Certificate Authority.
# The certificate (no key!) is installed on both boss and remote nodes. # The certificate (no key!) is installed on both boss and remote nodes.
# #
openssl req -new -x509 -days 1000 -config emulab.cnf \ openssl req -new -x509 -days 2000 -config emulab.cnf \
-keyout cakey.pem -out cacert.pem -keyout cakey.pem -out cacert.pem
cp cacert.pem emulab.pem cp cacert.pem emulab.pem
cp cakey.pem emulab.key cp cakey.pem emulab.key
......
...@@ -33,8 +33,8 @@ x509_extensions = usr_cert # The extentions to add to the cert ...@@ -33,8 +33,8 @@ x509_extensions = usr_cert # The extentions to add to the cert
# so this is commented out by default to leave a V1 CRL. # so this is commented out by default to leave a V1 CRL.
# crl_extensions = crl_ext # crl_extensions = crl_ext
default_days = 1000 # how long to certify for default_days = 2000 # how long to certify for
default_crl_days= 1000 # how long before next CRL default_crl_days= 2000 # how long before next CRL
default_md = md5 # which md to use. default_md = md5 # which md to use.
preserve = no # keep passed DN ordering preserve = no # keep passed DN ordering
...@@ -65,8 +65,8 @@ crl = $dir/crl.pem # The current CRL ...@@ -65,8 +65,8 @@ crl = $dir/crl.pem # The current CRL
private_key = $dir/cakey.pem # The private key private_key = $dir/cakey.pem # The private key
RANDFILE = $dir/.rand # private random number file RANDFILE = $dir/.rand # private random number file
default_days = 1000 # how long to certify for default_days = 2000 # how long to certify for
default_crl_days= 1000 # how long before next CRL default_crl_days= 2000 # how long before next CRL
default_md = md5 # which md to use. default_md = md5 # which md to use.
preserve = no # keep passed DN ordering preserve = no # keep passed DN ordering
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
prompt = no prompt = no
default_bits = 1024 default_bits = 1024
default_keyfile = privkey.pem default_keyfile = privkey.pem
default_days = 1000 default_days = 2000
distinguished_name = req_distinguished_name distinguished_name = req_distinguished_name
attributes = req_attributes attributes = req_attributes
x509_extensions = v3_ca # The extentions to add to the self signed cert x509_extensions = v3_ca # The extentions to add to the self signed cert
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment