# demoCA ... where everything is stored
$SSLEAY_CONFIG=$ENV{"SSLEAY_CONFIG"};
-$DAYS="-days 365";
+$DAYS="-days 365"; # 1 year
+$CADAYS="-days 1095"; # 3 years
$REQ="openssl req $SSLEAY_CONFIG";
$CA="openssl ca $SSLEAY_CONFIG";
$VERIFY="openssl verify";
$CATOP="./demoCA";
$CAKEY="cakey.pem";
+$CAREQ="careq.pem";
$CACERT="cacert.pem";
$DIRMODE = 0777;
$RET=$?;
} else {
print "Making CA certificate ...\n";
- system ("$REQ -new -x509 -keyout " .
- "${CATOP}/private/$CAKEY -out ${CATOP}/$CACERT $DAYS");
+ system ("$REQ -new -keyout " .
+ "${CATOP}/private/$CAKEY -out ${CATOP}/$CAREQ");
+ system ("$CA -out ${CATOP}/$CACERT $CADAYS -batch " .
+ "-keyfile ${CATOP}/private/$CAKEY -selfsign " .
+ "-infiles ${CATOP}/$CAREQ ");
$RET=$?;
}
}