...
1for selfsigned in delgkey1 delgkey2 delgkey3 delgkey4; do
2 subj='/C=US/ST=CA/L=SanFrancisco/O=Docker/CN=delegation'
3
4 openssl genrsa -out "${selfsigned}.key" 2048
5 openssl req -new -key "${selfsigned}.key" -out "${selfsigned}.csr" -sha256 -subj "${subj}"
6 cat > "${selfsigned}.cnf" <<EOL
7[selfsigned]
8basicConstraints = critical,CA:FALSE
9keyUsage = critical, digitalSignature, keyEncipherment
10extendedKeyUsage=codeSigning
11subjectKeyIdentifier=hash
12EOL
13
14 openssl x509 -req -days 3560 -in "${selfsigned}.csr" -signkey "${selfsigned}.key" -sha256 \
15 -out "${selfsigned}.crt" -extfile "${selfsigned}.cnf" -extensions selfsigned
16
17 rm "${selfsigned}.cnf" "${selfsigned}.csr"
18done
View as plain text