## Testing x509 certs for luvit
# Make the CA cert
openssl genrsa -out ca.key 4096
openssl req -new -x509 -days 365 -key ca.key -out ca.crt
# Make server cert and signing request
openssl genrsa -out server.key 4096
openssl req -new -key server.key -out server.csr
# Sign the server csr and generate a crt
openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt
# Output unencrypted server key
openssl rsa -in server.key -out server.key.insecure
# Output "raw" public key from server crt
openssl x509 -pubkey -noout -in server.crt > server.pub
# Sign the public key with the key (just for testing signatures)
openssl dgst -sign server.key.insecure -sha256 server.pub > server.pub.sig