# HG changeset patch
# User thedoc@morbier.koganei.wide.ad.jp
# Date 1271920142 -32400
# Node ID c8e57b3ca75f1a69b7493fa1d7dd635e324d7e52
# Parent  bce8e5b7bf780e5bfe52d4c20de7e43facd37e16
Updated script to avoid 1 month valid root certs

diff -r bce8e5b7bf78 -r c8e57b3ca75f contrib/ca_script2/Makefile
--- a/contrib/ca_script2/Makefile	Wed Apr 21 14:23:04 2010 +0900
+++ b/contrib/ca_script2/Makefile	Thu Apr 22 16:09:02 2010 +0900
@@ -68,8 +68,8 @@
 	# Create the folder hierarchy
 	@$(REMAKE) structure caname=$(topca)
 	# Generate the self-signed certificate
-	@CA_ROOT_DIR=$(DATA_DIR)/$(topca) openssl req $(CONFIG) -new -batch -x509 -nodes -newkey rsa:$(cakeysize) -out $(DATA_DIR)/$(topca)/public/cacert.pem \
-		-keyout $(DATA_DIR)/$(topca)/private/cakey.pem -subj /CN=$(topca)
+	@CA_ROOT_DIR=$(DATA_DIR)/$(topca) openssl req $(CONFIG) -new -batch -x509 -days 3650 -nodes -newkey rsa:$(cakeysize) -out $(DATA_DIR)/$(topca)/public/cacert.pem \
+		-keyout $(DATA_DIR)/$(topca)/private/cakey.pem -extensions ca_cert -subj /CN=$(topca)
 	@ln -s cacert.pem $(DATA_DIR)/$(topca)/public/`openssl x509 -noout -hash < $(DATA_DIR)/$(topca)/public/cacert.pem`.0
 	@touch $(DATA_DIR)/$(topca)/public/cachain.pem
 	@ln -s ../../$(topca)/public/cacert.pem $(DATA_DIR)/$(topca)/public/caroot.pem