Ensured the correct CA key and CA certificate is used during signing process. It's been working based on default assumptions from the openssl configuration, but it's worth being explicit when doing these operations. Also removed a redundant -sha256
This commit is contained in:
Anton Hvornum
Anton Hvornum
parent
60a38f0890
commit
28becbfc03
@ -241,7 +241,6 @@ create_ephemeral_codesigning_keys() {
|
|||||||
# Create the Certificate Authority
|
# Create the Certificate Authority
|
||||||
openssl req \
|
openssl req \
|
||||||
-newkey rsa:4096 \
|
-newkey rsa:4096 \
|
||||||
-sha256 \
|
|
||||||
-nodes \
|
-nodes \
|
||||||
-x509 \
|
-x509 \
|
||||||
-new \
|
-new \
|
||||||
@ -280,6 +279,8 @@ EOF
|
|||||||
-days 2 \
|
-days 2 \
|
||||||
-notext \
|
-notext \
|
||||||
-md sha256 \
|
-md sha256 \
|
||||||
|
-keyfile "${ca_key}" \
|
||||||
|
-cert "${ca_cert}" \
|
||||||
-in "${codesigning_cert}.csr" \
|
-in "${codesigning_cert}.csr" \
|
||||||
-out "${codesigning_cert}"
|
-out "${codesigning_cert}"
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user