commit - 58d51f2c1171da65fd4c6d9007d9782a9dbb8bad
commit + 1eb3631d10e20f089be8f5bb7b81505a068813a4
blob - 6d84b2908bb6ac1368bb61dc62f0e655598ac0c0
blob + 4ab9ef88dcb2958332fcff671c42e6c8f88ec628
--- ChangeLog
+++ ChangeLog
+2021-05-12 Omar Polo <op@omarpolo.com>
+
+ * utils.c (gen_certificate): don't add gmid as organisation when generating the certificate, and now it set the version 3, so it's compatible with java/android
+
2021-05-09 Omar Polo <op@omarpolo.com>
* server.c (apply_fastcgi): added fastcgi support!
blob - 1fda993c183f58bc7681c1c603f6a173e993c987
blob + 9a67ff6db934aabd4f882442af37332ab1487393
--- utils.c
+++ utils.c
X509 *x509;
X509_NAME *name;
FILE *f;
- const unsigned char *org = (const unsigned char*)"gmid";
const unsigned char *host = (const unsigned char*)hostname;
log_notice(NULL,
if ((e = BN_new()) == NULL)
fatal("couldn't allocate a bignum");
- BN_set_word(e, 17);
+ BN_set_word(e, RSA_F4);
if (!RSA_generate_key_ex(rsa, 4096, e, NULL))
fatal("couldn't generate a rsa key");
if ((x509 = X509_new()) == NULL)
fatal("couldn't generate the X509 certificate");
- ASN1_INTEGER_set(X509_get_serialNumber(x509), 1);
+ ASN1_INTEGER_set(X509_get_serialNumber(x509), 0);
X509_gmtime_adj(X509_get_notBefore(x509), 0);
X509_gmtime_adj(X509_get_notAfter(x509), 315360000L); /* 10 years */
+ X509_set_version(x509, 3);
if (!X509_set_pubkey(x509, pkey))
fatal("couldn't set the public key");
name = X509_get_subject_name(x509);
- if (!X509_NAME_add_entry_by_txt(name, "O", MBSTRING_ASC, org, -1, -1, 0))
- fatal("couldn't add N to cert");
if (!X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC, host, -1, -1, 0))
fatal("couldn't add CN to cert");
X509_set_issuer_name(x509, name);