fix gen-tls-cert script

2025-10-26 11:52:20 +01:00 · 2025-10-26 11:52:20 +01:00 · 6e4483c7fe
commit 6e4483c7fe
parent 6aa65154f7
1 changed files with 3 additions and 3 deletions
--- a/bin/gen-tls-cert
+++ b/bin/gen-tls-cert
@ -1,6 +1,6 @@
 #!/bin/sh
 tmp=$(mktemp -d)
-trap 'rm -rf -- "$keyfile"' EXIT
+trap 'rm -rf -- "$tmp"' EXIT

 # ref https://stackoverflow.com/questions/59738140/why-is-firefox-not-trusting-my-self-signed-certificate
 openssl req -x509 -nodes \
@ -8,7 +8,7 @@ openssl req -x509 -nodes \
  -keyout "$tmp/ca.key" \
  -days 365 \
  -out "$tmp/ca.cert" \
-  -subj '/CN=hd_root' \
+  -subj '/CN=hd_root'

 rm secrets/tlskey.age
 openssl req -nodes \
@ -27,4 +27,4 @@ openssl x509 -req \
  -CAcreateserial \
  -extfile <(printf "subjectAltName=DNS:roam.lan,DNS:*.roam.lan\nauthorityKeyIdentifier=keyid,issuer\nbasicConstraints=CA:FALSE\nkeyUsage=digitalSignature,keyEncipherment\nextendedKeyUsage=serverAuth")

-mv "$tmp/ca.cert" pki/ca.cert
+mv "$tmp/ca.cert" pki/ca.cert