Add Certs, Docker Build

Issue-ID: AAF-211
Change-Id: Idc7630578155586a6e53d7af80dd16e4e0ac41ca
Signed-off-by: Instrumental <jcgmisc@stl.gathman.org>

3 files changed, 6 insertions, 6 deletions

diff --git a/conf/CA/clean.sh b/conf/CA/clean.sh
index 3df61082..593a0a6c 100644
--- a/conf/CA/clean.sh
+++ b/conf/CA/clean.sh
@@ -1 +1 @@
-rm -Rf private certs newcerts index* serial* intermediateCAs
+rm -Rf private certs newcerts index* serial* intermediate.serial intermediate_*
diff --git a/conf/CA/manual.sh b/conf/CA/manual.sh
index bb891759..eb391591 100644
--- a/conf/CA/manual.sh
+++ b/conf/CA/manual.sh
@@ -35,7 +35,7 @@ EOF
 	chmod 400 private/$FQI.key 
 	SIGN_IT=true
   else 
-	echo openssl req -newkey rsa:4096 -sha256 -keyout $FQI.key -out $FQI.csr -outform PEM -subj '"'$SUBJECT'"'
+	echo openssl req -newkey rsa:2048 -sha256 -keyout $FQI.key -out $FQI.csr -outform PEM -subj '"'$SUBJECT'"'
 	echo chmod 400 $FQI.key
 	echo "# All done, print result"
 	echo openssl req -verify -text -noout -in $FQI.csr
@@ -46,7 +46,8 @@ if [ "$SIGN_IT" = "true" ]; then
   # Sign it
   openssl ca -config ../openssl.conf -extensions server_cert -out $FQI.crt \
 	-cert certs/ca.crt -keyfile private/ca.key \
-	 -policy policy_loose \
+	-policy policy_loose \
+	-days 360 \
 	-infiles $FQI.csr
 fi
 
diff --git a/conf/CA/p12.sh b/conf/CA/p12.sh
index f490b187..53184e2f 100644
--- a/conf/CA/p12.sh
+++ b/conf/CA/p12.sh
@@ -12,9 +12,8 @@ fi
 
 # Add Cert AND Intermediate CAs (Clients will have Root CAs (or not))
   cat $MACH.crt  > $MACH.chain
-  for CA in `ls intermediateCAs`; do
-        cat "intermediateCAs/$CA" >> $MACH.chain
-  done
+  # Add THIS Intermediate CA into chain
+  cat "certs/ca.crt" >> $MACH.chain
 
   # Make a pkcs12 keystore, a jks keystore and a pem keystore
   rm -f $MACH.p12