aboutsummaryrefslogtreecommitdiffstats
path: root/meta-integrity/scripts/ima-gen-local-ca.sh
diff options
context:
space:
mode:
Diffstat (limited to 'meta-integrity/scripts/ima-gen-local-ca.sh')
-rwxr-xr-xmeta-integrity/scripts/ima-gen-local-ca.sh6
1 files changed, 3 insertions, 3 deletions
diff --git a/meta-integrity/scripts/ima-gen-local-ca.sh b/meta-integrity/scripts/ima-gen-local-ca.sh
index b600761..339d3e3 100755
--- a/meta-integrity/scripts/ima-gen-local-ca.sh
+++ b/meta-integrity/scripts/ima-gen-local-ca.sh
@@ -18,7 +18,6 @@ GENKEY=ima-local-ca.genkey
cat << __EOF__ >$GENKEY
[ req ]
-default_bits = 2048
distinguished_name = req_distinguished_name
prompt = no
string_mask = utf8only
@@ -33,10 +32,11 @@ emailAddress = john.doe@example.com
basicConstraints=CA:TRUE
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer
-# keyUsage = cRLSign, keyCertSign
+keyUsage = cRLSign, keyCertSign
__EOF__
-openssl req -new -x509 -utf8 -sha1 -days 3650 -batch -config $GENKEY \
+openssl req -new -x509 -utf8 -sha256 -days 36500 -batch -config $GENKEY \
+ -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 \
-outform DER -out ima-local-ca.x509 -keyout ima-local-ca.priv
openssl x509 -inform DER -in ima-local-ca.x509 -out ima-local-ca.pem
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-04-28 16:07:29 +0000