deepforu47/openssl-generate-rsa-pss.sh

## openssl-generate-rsa-pss.sh
# Generate RSASSA-PSS private key for CA
# The key size is 2048; the exponent is 65537
openssl genpkey -algorithm rsa-pss -pkeyopt rsa_keygen_bits:2048 -out CA.priKey

# Generate self-signed RSASSA-PSS CA
openssl req -x509 -new -key CA.priKey -subj "/CN=CA" -sha256 -out CA.cer

# Generate RSASSA-PSS private key for EE
openssl genpkey -algorithm rsa-pss -pkeyopt rsa_keygen_bits:2048  -out EE.priKey

# Generate certificate signing request for RSASSA-PSS EE
openssl req -new -key EE.priKey -subj "/CN=my.org" -sha256 -out EE.csr

# Generate RSASSA-PSS EE based on the above CSR, and sign it with the above RSASSA-PSS CA
openssl x509 -req -CAcreateserial -in EE.csr -sha256 -CA CA.cer -CAkey CA.priKey -out EE.cer
	# Generate RSASSA-PSS private key for CA
	# The key size is 2048; the exponent is 65537
	openssl genpkey -algorithm rsa-pss -pkeyopt rsa_keygen_bits:2048 -out CA.priKey

	# Generate self-signed RSASSA-PSS CA
	openssl req -x509 -new -key CA.priKey -subj "/CN=CA" -sha256 -out CA.cer

	# Generate RSASSA-PSS private key for EE
	openssl genpkey -algorithm rsa-pss -pkeyopt rsa_keygen_bits:2048 -out EE.priKey

	# Generate certificate signing request for RSASSA-PSS EE
	openssl req -new -key EE.priKey -subj "/CN=my.org" -sha256 -out EE.csr

	# Generate RSASSA-PSS EE based on the above CSR, and sign it with the above RSASSA-PSS CA
	openssl x509 -req -CAcreateserial -in EE.csr -sha256 -CA CA.cer -CAkey CA.priKey -out EE.cer