ovs-openflowd: Prefer --fail=standalone|secure over --fail=open|closed.

[sliver-openvswitch.git] / utilities / ovs-pki.in

diff --git a/utilities/ovs-pki.in b/utilities/ovs-pki.in
index 22b5f2a..ea959fd 100755 (executable)
--- a/utilities/ovs-pki.in
+++ b/utilities/ovs-pki.in
@@ -1,6 +1,6 @@
 #! /bin/sh
 
-# Copyright (c) 2008, 2009 Nicira Networks, Inc.
+# Copyright (c) 2008, 2009, 2010 Nicira Networks, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -271,7 +271,7 @@ EOF
             -newkey $newkey -keyout private/cakey.pem -out careq.pem \
             1>&3 2>&3
         openssl ca -config ca.cnf -create_serial -out cacert.pem \
-            -days 1095 -batch -keyfile private/cakey.pem -selfsign \
+            -days 2191 -batch -keyfile private/cakey.pem -selfsign \
             -infiles careq.pem 1>&3 2>&3
         chmod 0700 private/cakey.pem
 
@@ -348,10 +348,9 @@ make_tmpdir() {
 }
 
 fingerprint() {
-    local file=$1
-    local name=${1-$2}
-    local date=$(date -r $file)
-    local fingerprint
+    file=$1
+    name=${1-$2}
+    date=$(date -r $file)
     if grep -q -e '-BEGIN CERTIFICATE-' "$file"; then
         fingerprint=$(openssl x509 -noout -in "$file" -fingerprint |
                       sed 's/SHA1 Fingerprint=//' | tr -d ':')
@@ -472,7 +471,7 @@ sign_request() {
 }
 
 glob() {
-    local files=$(echo $1)
+    files=$(echo $1)
     if test "$files" != "$1"; then
         echo "$files"
     fi