FS-5695 --resolve

scripts/gentls_cert.in

@@ -7,7 +7,7 @@ export KEY_SIZE=${KEY_SIZE}
 
 TMPFILE="/tmp/fs-ca-$$-$(date +%Y%m%d%H%M%S)"
 
-COMMON_NAME="FreesSWITCH CA"
+COMMON_NAME="FreeSWITCH CA"
 ALT_NAME="DNS:test.freeswitch.org"
 ORG_NAME="FreeSWITCH"
 OUTFILE="agent.pem"
@@ -47,6 +47,7 @@ setup_ca() {
 			default_bits            = \$ENV::KEY_SIZE
 			prompt                  = no
 			distinguished_name      = req_dn
+			x509_extensions         = v3_ca
 
 			[ req_dn ]
 			commonName              = %CN%
@@ -69,6 +70,12 @@ setup_ca() {
 			subjectAltName=%ALTNAME%
 			nsCertType=client
 			extendedKeyUsage=clientAuth
+
+			[ v3_ca ]
+			subjectKeyIdentifier=hash
+			authorityKeyIdentifier=keyid:always,issuer
+			basicConstraints=CA:TRUE
+
 		EOF
 	fi
 
@@ -84,6 +91,7 @@ setup_ca() {
 		-new -x509 -keyout "${CONFDIR}/CA/cakey.pem" \
 		-config "${TMPFILE}.cfg" -nodes -days ${DAYS} -sha1 >/dev/null || exit 1
 	cat "${CONFDIR}/CA/cacert.pem" > "${CONFDIR}/cafile.pem"
+	cp $TMPFILE.cfg /tmp/ssl.cfg
 	rm "${TMPFILE}.cfg"
 
 	echo "DONE"