-set_serial 2 -days "${DAYS}" "$@"
}
+geneenocsr() {
+ local OPTIND=1
+ local purpose=serverAuth
+
+ while getopts p: o
+ do
+ case $o in
+ p) purpose="$OPTARG";;
+ *) echo "Usage: $0 genee [-p EKU] cn certname cakeyname cacertname" >&2
+ return 1;;
+ esac
+ done
+
+ shift $((OPTIND - 1))
+ local cn=$1; shift
+ local cert=$1; shift
+ local cakey=$1; shift
+ local ca=$1; shift
+
+ exts=$(printf "%s\n%s\n%s\n%s\n%s\n[alts]\n%s\n" \
+ "subjectKeyIdentifier = hash" \
+ "authorityKeyIdentifier = keyid, issuer" \
+ "basicConstraints = CA:false" \
+ "extendedKeyUsage = $purpose" \
+ "subjectAltName = @alts" "DNS=${cn}")
+ cert "$cert" "$exts" -CA "${ca}.pem" -CAkey "${cakey}.pem" \
+ -set_serial 2 -days "${DAYS}" "$@"
+}
+
genss() {
local cn=$1; shift
local key=$1; shift