Formalize secure-boot signing keys name
This commit is contained in:
parent
3630d25d6e
commit
a8bd0d8a8b
|
@ -13,10 +13,10 @@ MinimumVersion=20.2
|
||||||
|
|
||||||
[Validation]
|
[Validation]
|
||||||
# Use RSA 2048 keys for wide UEFI compatibility
|
# Use RSA 2048 keys for wide UEFI compatibility
|
||||||
SecureBootKey=signing-keys/rafeOS_secureboot.key
|
SecureBootKey=signing-keys/rafeOS.secure-boot.key
|
||||||
SecureBootCertificate=signing-keys/rafeOS_secureboot.crt
|
SecureBootCertificate=signing-keys/rafeOS.secure-boot.crt
|
||||||
VerityKey=signing-keys/rafeOS_secureboot.key
|
VerityKey=signing-keys/rafeOS.secure-boot.key
|
||||||
VerityCertificate=signing-keys/rafeOS_secureboot.crt
|
VerityCertificate=signing-keys/rafeOS.secure-boot.crt
|
||||||
|
|
||||||
[Host]
|
[Host]
|
||||||
Incremental=true
|
Incremental=true
|
||||||
|
|
|
@ -24,8 +24,8 @@ generate_key_pair() {
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Default filenames
|
# Default filenames
|
||||||
PRIVATE_KEY_FILE="${IMAGE_ID}_${FILENAME_PREFIX}.key"
|
PRIVATE_KEY_FILE="${IMAGE_ID}.${FILENAME_PREFIX}.key"
|
||||||
CERTIFICATE_FILE="${IMAGE_ID}_${FILENAME_PREFIX}.crt"
|
CERTIFICATE_FILE="${IMAGE_ID}.${FILENAME_PREFIX}.crt"
|
||||||
|
|
||||||
# Period of validity (in days) for the created certificate.
|
# Period of validity (in days) for the created certificate.
|
||||||
# Defaults to 3650, i.e. 10 years.
|
# Defaults to 3650, i.e. 10 years.
|
||||||
|
@ -79,7 +79,7 @@ generate_key_pair() {
|
||||||
}
|
}
|
||||||
|
|
||||||
generate_secureboot_keys() {
|
generate_secureboot_keys() {
|
||||||
generate_key_pair "secureboot" "/CN=$IMAGE_ID UEFI CA $(date +%Y)" "rsa"
|
generate_key_pair "secure-boot" "/CN=$IMAGE_ID UEFI CA $(date +%Y)" "rsa"
|
||||||
}
|
}
|
||||||
|
|
||||||
generate_verity_keys() {
|
generate_verity_keys() {
|
||||||
|
|
Loading…
Reference in a new issue