Merge branch 'fix-certs' into 'antifascista'

Generar certificados válidos

See merge request sutty/haini.sh!21

domains.ext

@@ -0,0 +1,7 @@
+authorityKeyIdentifier=keyid,issuer
+basicConstraints=CA:FALSE
+keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
+subjectAltName = @alt_names
+[alt_names]
+DNS.1 = sutty.local
+DNS.2 = *.sutty.local

haini.sh

@@ -100,19 +100,20 @@ generar_certificado() {
 
   echo "Generando certificados..."
 
-  correr "openssl genpkey -algorithm RSA -pass pass:sutty -out $ca_key"
-  correr "openssl req -x509 -new -nodes -key $ca_key -sha256 \
-    -passin pass:sutty -passout pass:sutty \
-    -subj '/C=IN/ST=Cyberspace/L=Cyberspace/O=Sutty/OU=Espacio/CN=Sutty Local CA' \
-    -days 3650 -out $ca_crt"
+  correr "openssl req -x509 -nodes -new -sha256 -days 3650 -newkey rsa:2048 \
+    -keyout $ca_key -out $ca_crt.pem -subj '/C=AR/CN=Sutty-Local-CA'"
+  correr "openssl x509 -outform pem -in $ca_crt.pem -out $ca_crt"
 
   correr "update-ca-certificates"
 
-  correr "openssl req -nodes -newkey rsa:2048 -keyout $domain_key -out $domain_csr \
-    -subj '/C=IN/ST=Cyberspace/L=Cyberspace/O=Sutty/OU=Espacio/CN=sutty.local/CN=*.sutty.local'"
-  correr "openssl x509 -req -in $domain_csr \
-    -CA $ca_crt -CAkey $ca_key -CAcreateserial \
-    -out $domain_crt -days 3650 -sha256"
+  correr "openssl req -new -nodes -newkey rsa:2048 \
+    -keyout $domain_key -out $domain_csr \
+    -subj '/C=AR/ST=Ninguno/L=Interdimension/O=Sutty-Local/CN=sutty.local'"
+  correr "openssl x509 -req -sha256 -days 3650 \
+    -in $domain_csr -CA $ca_crt.pem -CAkey $ca_key \
+    -CAcreateserial -extfile /Sutty/haini.sh/domains.ext -out $domain_crt"
+
+  rm "$ENTORNO$ca_crt.pem"
 
   echo "Instalando certificados..."
   if which update-ca-certificates 2>/dev/null; then