# HG changeset patch
# User IBBoard <dev@ibboard.co.uk>
# Date 1538423308 -3600
# Node ID b8c7a89c4ebdd581af07250e43a4e39d2a651f4a
# Parent  ccb1f0a7bfe98b2af180b9c505adfcd544864116
Include Subject Alt Name in certs and use CA function

diff -r ccb1f0a7bfe9 -r b8c7a89c4ebd make-certificate
--- a/make-certificate	Mon Mar 19 19:34:56 2018 +0000
+++ b/make-certificate	Mon Oct 01 20:48:28 2018 +0100
@@ -14,6 +14,8 @@
 
 pushd ~/Websites/certs/
 
-openssl req -nodes -new -keyout $1.key -out $1.csr -subj "/C=GB/ST=Worcestershire/O=$1/CN=$1"
-openssl x509 -req -days 365 -in $1.csr -CA ~/.ssh/CA/ca.crt -CAkey ~/.ssh/CA/ca.key -CAserial ~/.ssh/CA/ca.srl -out $1.crt
+openssl req -nodes -sha256 -new -keyout $1.key -out $1.csr -subj "/C=GB/ST=Worcestershire/O=$1/CN=$1" \
+	-config <(cat ~/.ssh/CA/openssl.cnf <(echo "DNS.1=$1"))
+openssl ca -in $1.csr -out $1.crt -cert ~/.ssh/CA/ca.crt -keyfile ~/.ssh/CA/ca.key -days 365 \
+	-config <(cat ~/.ssh/CA/openssl.cnf <(echo "DNS.1=$1")) -batch
 popd