Formalize secure-boot signing keys name
This commit is contained in:
parent
3630d25d6e
commit
a8bd0d8a8b
|
@ -13,10 +13,10 @@ MinimumVersion=20.2
|
|||
|
||||
[Validation]
|
||||
# Use RSA 2048 keys for wide UEFI compatibility
|
||||
SecureBootKey=signing-keys/rafeOS_secureboot.key
|
||||
SecureBootCertificate=signing-keys/rafeOS_secureboot.crt
|
||||
VerityKey=signing-keys/rafeOS_secureboot.key
|
||||
VerityCertificate=signing-keys/rafeOS_secureboot.crt
|
||||
SecureBootKey=signing-keys/rafeOS.secure-boot.key
|
||||
SecureBootCertificate=signing-keys/rafeOS.secure-boot.crt
|
||||
VerityKey=signing-keys/rafeOS.secure-boot.key
|
||||
VerityCertificate=signing-keys/rafeOS.secure-boot.crt
|
||||
|
||||
[Host]
|
||||
Incremental=true
|
||||
|
|
|
@ -24,8 +24,8 @@ generate_key_pair() {
|
|||
fi
|
||||
|
||||
# Default filenames
|
||||
PRIVATE_KEY_FILE="${IMAGE_ID}_${FILENAME_PREFIX}.key"
|
||||
CERTIFICATE_FILE="${IMAGE_ID}_${FILENAME_PREFIX}.crt"
|
||||
PRIVATE_KEY_FILE="${IMAGE_ID}.${FILENAME_PREFIX}.key"
|
||||
CERTIFICATE_FILE="${IMAGE_ID}.${FILENAME_PREFIX}.crt"
|
||||
|
||||
# Period of validity (in days) for the created certificate.
|
||||
# Defaults to 3650, i.e. 10 years.
|
||||
|
@ -79,7 +79,7 @@ generate_key_pair() {
|
|||
}
|
||||
|
||||
generate_secureboot_keys() {
|
||||
generate_key_pair "secureboot" "/CN=$IMAGE_ID UEFI CA $(date +%Y)" "rsa"
|
||||
generate_key_pair "secure-boot" "/CN=$IMAGE_ID UEFI CA $(date +%Y)" "rsa"
|
||||
}
|
||||
|
||||
generate_verity_keys() {
|
||||
|
|
Loading…
Reference in New Issue