Update http_listener certs

2017-11-03 21:52:45 -07:00
parent b573039af4
commit f3d90bdac6
2 changed files with 54 additions and 65 deletions
--- a/scripts/tls-certs.sh
+++ b/scripts/tls-certs.sh
@@ -15,7 +15,7 @@ new_certs_dir = ./certs_by_serial
 private_key = ./private/cakey.pem
 serial = ./serial

-default_crl_days = 7
+default_crl_days = 3650
 default_days = 3650
 default_md = sha256

@@ -53,7 +53,7 @@ basicConstraints = CA:false
 keyUsage = keyEncipherment
 extendedKeyUsage = 1.3.6.1.5.5.7.3.1
 EOF
-openssl req -x509 -config ./openssl.conf -newkey rsa:1024 -out ./certs/cacert.pem -keyout ./private/cakey.pem -subj "/CN=Telegraf CA/" -nodes &&
+openssl req -x509 -config ./openssl.conf -days 3650 -newkey rsa:1024 -out ./certs/cacert.pem -keyout ./private/cakey.pem -subj "/CN=Telegraf CA/" -nodes &&

 # Create server keypair
 openssl genrsa -out ./private/serverkey.pem 1024 &&