2022-06-29 16:17:02 +00:00
|
|
|
#!/bin/bash
|
|
|
|
set -euxo pipefail
|
|
|
|
|
|
|
|
cd "$(dirname "${BASH_SOURCE[0]}")"
|
|
|
|
|
2023-03-26 19:35:33 +00:00
|
|
|
# Generate a new RSA key/cert for local development
|
|
|
|
HOST="localhost"
|
|
|
|
CRT="$HOST.crt"
|
|
|
|
KEY="$HOST.key"
|
|
|
|
|
|
|
|
# Install the system certificate if it's not already
|
|
|
|
mkcert -install
|
|
|
|
|
|
|
|
# Generate a new certificate for localhost
|
|
|
|
mkcert -ecdsa -cert-file "$CRT" -key-file "$KEY" localhost 127.0.0.1 ::1
|
|
|
|
|
|
|
|
# Reduce the expiration time of the certificate to 14 days; the WebTransport maximum.
|
|
|
|
# TODO https://github.com/FiloSottile/mkcert/pull/513
|
|
|
|
openssl x509 -days 14 -in "$CRT" -signkey "$KEY" -out "$CRT"
|
|
|
|
|
|
|
|
# Compute the sha256 fingerprint of the certificate for WebTransport
|
|
|
|
# openssl x509 -in "$CRT" -outform der | openssl dgst -sha256
|