8df7e460e7
Current SSL certificates have expired. This patch contain new ones valid for 10 years and i've updated the ssl-ipv*.conf with the command to create certificates with this expiration time. Change-Id: Iaf4164149e3e28de8cf0367bc98e3e649bd10f87
43 lines
987 B
Plaintext
43 lines
987 B
Plaintext
# Generate key and create a self-signed certificate:
|
|
# $ openssl req \
|
|
# -x509 \
|
|
# -config ssl-ipv4.conf \
|
|
# -newkey rsa:2048 \
|
|
# -keyform PEM \
|
|
# -out ipv4.crt \
|
|
# -outform PEM \
|
|
# -days 3650 \
|
|
# -nodes
|
|
#
|
|
[ req ]
|
|
default_bits = 2048
|
|
default_keyfile = ipv4.key
|
|
default_md = sha256
|
|
prompt = no
|
|
distinguished_name = distinguished_name
|
|
req_extensions = v3_req
|
|
x509_extensions = v3_ca
|
|
|
|
[ v3_req ]
|
|
subjectAltName = @alt_names
|
|
|
|
[ v3_ca ]
|
|
basicConstraints = CA:TRUE
|
|
subjectKeyIdentifier = hash
|
|
authorityKeyIdentifier = keyid:always,issuer:always
|
|
subjectAltName = @alt_names
|
|
issuerAltName = @alt_names
|
|
|
|
[alt_names]
|
|
IP.0 = 127.0.0.1
|
|
DNS.0 = 127.0.0.1
|
|
DNS.1 = localhost
|
|
|
|
[ distinguished_name ]
|
|
commonName = 127.0.0.1
|
|
countryName = US
|
|
stateOrProvinceName = North Carolina
|
|
localityName = Raleigh
|
|
organizationName = Red Hat Inc.
|
|
organizationalUnitName = OpenStack
|