#! /bin/sh

# Normally, you don't need to regenerate the private key.
#
# openssl genrsa 4096 > key.pem

# Copy cert.pem content to the certificate value of the following manifest
# files:
#   1/stable/repositories.manifest
#   pkg/1/dev.cppget.org/signed/repositories.manifest
#
openssl req -x509 -new -key key.pem -days 3650 -config openssl.cnf > cert.pem

# To regenerate the packages and signature manifest files run:
#
# bpkg rep-create 1/math
# bpkg rep-create 1/stable --key key.pem
# bpkg rep-create pkg/1/dev.cppget.org/signed --key key.pem
#
# Update certificate fingerprint in loadtab for dev.cppget.org/signed
# repository. To print the fingerprint run:
#
# bpkg rep-info --cert-fingerprint pkg/1/dev.cppget.org/signed/