forked from quic-go/quic-go
regenerate the testdata certificate with SAN instead of CommonName
As required by Go 1.15.
This commit is contained in:
Marten Seemann
24
internal/testdata/generate_key.sh
vendored
Executable file
24
internal/testdata/generate_key.sh
vendored
Executable file
@@ -0,0 +1,24 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
echo "Generating CA key and certificate:"
|
||||
openssl req -x509 -sha256 -nodes -days 3650 -newkey rsa:2048 \
|
||||
-keyout ca.key -out ca.pem \
|
||||
-subj "/O=quic-go Certificate Authority/"
|
||||
|
||||
echo "Generating CSR"
|
||||
openssl req -out cert.csr -new -newkey rsa:2048 -nodes -keyout priv.key \
|
||||
-subj "/O=quic-go/"
|
||||
|
||||
echo "Sign certificate:"
|
||||
openssl x509 -req -sha256 -days 3650 -in cert.csr -out cert.pem \
|
||||
-CA ca.pem -CAkey ca.key -CAcreateserial \
|
||||
-extfile <(printf "subjectAltName=DNS:localhost")
|
||||
|
||||
# debug output the certificate
|
||||
openssl x509 -noout -text -in cert.pem
|
||||
|
||||
# we don't need the CA key, the serial number and the CSR any more
|
||||
rm ca.key cert.csr ca.srl
|
||||
|
||||
Reference in New Issue
Block a user