Skip to content

Commit

Permalink
self-signed certificate will expire in 10 years
Browse files Browse the repository at this point in the history
  • Loading branch information
ssrlive committed May 5, 2024
1 parent a738bce commit dfae4c0
Show file tree
Hide file tree
Showing 4 changed files with 13 additions and 4 deletions.
6 changes: 6 additions & 0 deletions .github/workflows/check.yml
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,7 @@ jobs:

build:
strategy:
fail-fast: false
matrix:
target:
- x86_64-unknown-linux-gnu # arch: x86_64, os: linux
Expand Down Expand Up @@ -93,6 +94,7 @@ jobs:
rustup target add ${{ matrix.target }}
- name: Build
if: ${{ !cancelled() }}
shell: bash
run: |
if [[ "${{ matrix.host_os }}" == "ubuntu-latest" ]]; then
Expand All @@ -103,5 +105,9 @@ jobs:
fi
- name: Run tests
if: ${{ !cancelled() }}
run: cargo test --verbose --all-features

- name: Abort on error
if: ${{ failure() }}
run: echo "Some of jobs failed" && false
7 changes: 5 additions & 2 deletions install/selfsign.sh
Original file line number Diff line number Diff line change
Expand Up @@ -36,11 +36,14 @@ EMAIL_ADDRESS=$7
DNS_1=$8
IP_1=${9}

# 有效期 10 年, self-signed certificate will expire in 10 years
DAYS=3650

# 生成根證書的私鑰
openssl genrsa -out ca.key 4096

# 生成根證書
openssl req -outform PEM -new -x509 -sha256 -key ca.key -extensions v3_ca -out ca.crt -subj "/C=$COUNTRY/ST=$STATE/L=$LOCALITY/O=$ORGANIZATION/OU=$ORGANIZATIONAL_UNIT/CN=$COMMON_NAME_CA/emailAddress=$EMAIL_ADDRESS"
openssl req -outform PEM -new -x509 -sha256 -key ca.key -extensions v3_ca -out ca.crt -subj "/C=$COUNTRY/ST=$STATE/L=$LOCALITY/O=$ORGANIZATION/OU=$ORGANIZATIONAL_UNIT/CN=$COMMON_NAME_CA/emailAddress=$EMAIL_ADDRESS" -days ${DAYS}

# 生成自簽名證書的私鑰
openssl genrsa -out server.key 4096
Expand All @@ -59,7 +62,7 @@ IP.1 = $IP_1
EOF

# 生成自簽名證書
openssl x509 -req -CA ca.crt -CAkey ca.key -in server.csr -out server.crt -extfile serverca.txt -sha256 -set_serial 0x1111
openssl x509 -req -CA ca.crt -CAkey ca.key -in server.csr -out server.crt -extfile serverca.txt -sha256 -set_serial 0x1111 -days ${DAYS}

# 查看文件
ls
2 changes: 1 addition & 1 deletion readme-cn.md
Original file line number Diff line number Diff line change
Expand Up @@ -138,7 +138,7 @@ overtls -r client -c config.json
```bash
wget https://raw.githubusercontent.com/shadowsocksr-live/overtls/master/install/selfsign.sh
cat selfsign.sh
head selfsign.sh -n 25
chmod +x selfsign.sh
./selfsign.sh CN JiangSu ChangZhou MyGreatOrg Root_CA Server1 [email protected] example.com 123.45.67.89
```
Expand Down
2 changes: 1 addition & 1 deletion readme.md
Original file line number Diff line number Diff line change
Expand Up @@ -156,7 +156,7 @@ for testing purposes.
```bash
wget https://raw.githubusercontent.com/shadowsocksr-live/overtls/master/install/selfsign.sh
cat selfsign.sh
head selfsign.sh -n 25
chmod +x selfsign.sh
./selfsign.sh CN JiangSu ChangZhou MyGreatOrg Root_CA Server1 [email protected] example.com 123.45.67.89
```
Expand Down

0 comments on commit dfae4c0

Please sign in to comment.