From f0c42dce7270ff90272d2d255293b4a439246077 Mon Sep 17 00:00:00 2001
From: "tiehang.lth" <tiehang.lth@alibaba-inc.com>
Date: Fri, 29 Apr 2016 11:56:31 +0800
Subject: [PATCH 1/2] =?UTF-8?q?=E6=8C=87=E5=AE=9A=20sha256=20=E8=80=8C?=
 =?UTF-8?q?=E4=B8=8D=E6=98=AF=20sha1=20=E7=9A=84=E8=AF=81=E4=B9=A6,=20?=
 =?UTF-8?q?=E9=81=BF=E5=85=8D=20Chrome=20=E4=B8=8B=E8=AF=81=E4=B9=A6?=
 =?UTF-8?q?=E8=AD=A6=E5=91=8A?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 cert/gen-cer     | 4 ++--
 cert/gen-cer.cmd | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/cert/gen-cer b/cert/gen-cer
index 3ab4ce1..e432036 100755
--- a/cert/gen-cer
+++ b/cert/gen-cer
@@ -38,11 +38,11 @@ openssl rsa -in $outputPath$domain.key -passin pass:$password -out $outputPath$d
  
 #Create the request
 echo "Creating CSR"
-openssl req -new -key $outputPath$domain.key -out $outputPath$domain.csr -passin pass:$password \
+openssl req -sha256 -new -key $outputPath$domain.key -out $outputPath$domain.csr -passin pass:$password \
     -subj "/C=$country/ST=$state/L=$locality/O=$organization/OU=$organizationalunit/CN=$commonname/emailAddress=$email"
  
 #Generating a Self-Signed Certificate
-openssl x509 -req -days 365 -in $outputPath$domain.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out $outputPath$domain.crt
+openssl x509 -req -sha256 -days 365 -in $outputPath$domain.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out $outputPath$domain.crt
 # -signkey $outputPath$domain.key
 #openssl x509 -req -in host.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out host.crt -days 365
 echo "Finished"
diff --git a/cert/gen-cer.cmd b/cert/gen-cer.cmd
index d3a6f83..722f1e8 100644
--- a/cert/gen-cer.cmd
+++ b/cert/gen-cer.cmd
@@ -21,7 +21,7 @@ echo Removing passphrase from key
 openssl rsa -in %domain%.key -passin pass:%password% -out %domain%.key
  
 echo Creating CSR
-openssl req -new -key %domain%.key -out %domain%.csr -passin pass:%password% -subj /C=%country%/ST=%state%/L=%locality%/O=%organization%/OU=%organizationalunit%/CN=%commonname%/emailAddress=%email%
+openssl req -sha256 -new -key %domain%.key -out %domain%.csr -passin pass:%password% -subj /C=%country%/ST=%state%/L=%locality%/O=%organization%/OU=%organizationalunit%/CN=%commonname%/emailAddress=%email%
  
-openssl x509 -req -days 3650 -in %domain%.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out %domain%.crt
+openssl x509 -req -sha256 -days 3650 -in %domain%.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out %domain%.crt
 echo Finished

From 35da6fd38581847320abf2ce72e513cde1f73ba6 Mon Sep 17 00:00:00 2001
From: OttoMao <ottomao@gmail.com>
Date: Fri, 29 Apr 2016 14:12:19 +0800
Subject: [PATCH 2/2] =?UTF-8?q?=E8=B0=83=E6=95=B4rootCA=E7=9A=84=E5=8F=82?=
 =?UTF-8?q?=E6=95=B0=EF=BC=8C=E8=B0=83=E6=95=B4=E8=BF=87=E6=9C=9F=E6=97=B6?=
 =?UTF-8?q?=E9=97=B4?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 cert/gen-cer    | 20 ++++++++++----------
 cert/gen-rootCA |  2 +-
 2 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/cert/gen-cer b/cert/gen-cer
index e432036..4deb0b4 100755
--- a/cert/gen-cer
+++ b/cert/gen-cer
@@ -1,10 +1,10 @@
 #!/bin/bash
- 
+
 #Required
 domain=$1
 outputPath=$2
 commonname=$domain
- 
+
 #Change to your company details
 country=ZH
 state=Shanghai
@@ -12,20 +12,20 @@ locality=Shanghai
 organization=a.com
 organizationalunit=IT
 email=a@b.com
- 
+
 #Optional
 password=a
- 
+
 if [ -z "$domain" ]
 then
     echo "Argument not present."
     echo "Useage $0 [domain] [outputPath]"
- 	
+
     exit 99
 fi
- 
+
 echo "Generating key request for $outputPath$domain"
- 
+
 #Generate a key
 # openssl genrsa -out host.key 2048
 # openssl genrsa -des3 -out $outputPath$domain.key 2048 -noout
@@ -35,14 +35,14 @@ openssl genrsa -passout pass:$password -out $outputPath$domain.key 2048
 #Remove passphrase from the key. Comment the line out to keep the passphrase
 echo "Removing passphrase from key"
 openssl rsa -in $outputPath$domain.key -passin pass:$password -out $outputPath$domain.key
- 
+
 #Create the request
 echo "Creating CSR"
 openssl req -sha256 -new -key $outputPath$domain.key -out $outputPath$domain.csr -passin pass:$password \
     -subj "/C=$country/ST=$state/L=$locality/O=$organization/OU=$organizationalunit/CN=$commonname/emailAddress=$email"
- 
+
 #Generating a Self-Signed Certificate
-openssl x509 -req -sha256 -days 365 -in $outputPath$domain.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out $outputPath$domain.crt
+openssl x509 -req -sha256 -days 3650 -in $outputPath$domain.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out $outputPath$domain.crt
 # -signkey $outputPath$domain.key
 #openssl x509 -req -in host.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out host.crt -days 365
 echo "Finished"
diff --git a/cert/gen-rootCA b/cert/gen-rootCA
index 1f196c6..fda566b 100755
--- a/cert/gen-rootCA
+++ b/cert/gen-rootCA
@@ -3,7 +3,7 @@
 outputPath=$1
 cd $outputPath
 openssl genrsa -out rootCA.key 2048
-openssl req -x509 -new -nodes -key rootCA.key -days 36500 -out rootCA.crt \
+openssl req -sha256 -x509 -new -nodes -key rootCA.key -days 36500 -out rootCA.crt \
      -subj "/C=CN/ST=SH/L=SH/O=AnyProxy/OU=Section/CN=Anyproxy SSL Proxying/emailAddress=AnyProxy@AnyProxy"
 echo "============="
 echo "rootCA generated at :"