From: Christian Weiske Date: Wed, 11 Sep 2013 20:06:23 +0000 (+0200) Subject: how to generate ssl cert for *.ouya.tv via mitmproxy X-Git-Url: https://git.cweiske.de/ouya-imagestore.git/commitdiff_plain/a18fceb1ba9cbe2128cfd84a33aefc664447bb08 how to generate ssl cert for *.ouya.tv via mitmproxy --- diff --git a/doc/.gitignore b/doc/.gitignore new file mode 100644 index 0000000..77e0dbc --- /dev/null +++ b/doc/.gitignore @@ -0,0 +1 @@ +selfcert-ouya.tv.* diff --git a/doc/README.rst b/doc/README.rst new file mode 100644 index 0000000..951b7c2 --- /dev/null +++ b/doc/README.rst @@ -0,0 +1,19 @@ +Generate web server SSL certificate +=================================== +:: + + $ openssl req -new -x509 -nodes -config ouya.tv-cert-req.cnf -out selfcert-ouya.tv.pem -keyout selfcert-ouya.tv.key -days 730 + + $ openssl genrsa -out selfcert-ouya.tv.key 2048 + $ openssl req -new -config ouya.tv-cert-req.cnf -key selfcert-ouya.tv.key -out selfcert-ouya.tv.csr + $ openssl x509 -req -in selfcert-ouya.tv.csr -CA ~/.mitmproxy/mitmproxy-ca.pem -CAkey ~/.mitmproxy/mitmproxy-ca.pem -CAcreateserial -out selfcert-ouya.tv.crt -days 730 + +Verify CSR:: + + $ openssl req -text -noout -verify -in selfcert-ouya.tv.csr + +Verify certificate:: + + $ openssl x509 -in selfcert-ouya.tv.crt -text -noout + +Then install the certificate in your web server. diff --git a/doc/ouya.tv-cert-req.cnf b/doc/ouya.tv-cert-req.cnf new file mode 100644 index 0000000..1890971 --- /dev/null +++ b/doc/ouya.tv-cert-req.cnf @@ -0,0 +1,29 @@ +#make the signing process include the subjectAltName +extensions = v3_req + +[req] +default_bits = 2048 +encrypt_key = yes +distinguished_name = req_dn +req_extensions = v3_req +prompt = no + +[req_dn] +C=US +ST=Massachusetts +L=Anytown +O=OUYA +OU=custom OUYA store +CN=*.ouya.tv +emailAddress=ouya+dummy@example.org + +[v3_req] +nsCertType = server +basicConstraints = CA:FALSE +keyUsage = nonRepudiation, digitalSignature, keyEncipherment +subjectAltName = @alt_names + +[alt_names] +DNS.1 = ouya.tv +DNS.2 = *.ouya.tv +DNS.3 = *.ouya.tv.bogo