mirror of
https://github.com/archlinux/archiso.git
synced 2024-09-19 11:40:19 -06:00
Ensured the correct CA key and CA certificate is used during signing process. It's been working based on default assumptions from the openssl configuration, but it's worth being explicit when doing these operations. Also removed a redundant -sha256
This commit is contained in:
parent
60a38f0890
commit
28becbfc03
1 changed files with 2 additions and 1 deletions
|
@ -241,7 +241,6 @@ create_ephemeral_codesigning_keys() {
|
||||||
# Create the Certificate Authority
|
# Create the Certificate Authority
|
||||||
openssl req \
|
openssl req \
|
||||||
-newkey rsa:4096 \
|
-newkey rsa:4096 \
|
||||||
-sha256 \
|
|
||||||
-nodes \
|
-nodes \
|
||||||
-x509 \
|
-x509 \
|
||||||
-new \
|
-new \
|
||||||
|
@ -280,6 +279,8 @@ EOF
|
||||||
-days 2 \
|
-days 2 \
|
||||||
-notext \
|
-notext \
|
||||||
-md sha256 \
|
-md sha256 \
|
||||||
|
-keyfile "${ca_key}" \
|
||||||
|
-cert "${ca_cert}" \
|
||||||
-in "${codesigning_cert}.csr" \
|
-in "${codesigning_cert}.csr" \
|
||||||
-out "${codesigning_cert}"
|
-out "${codesigning_cert}"
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue