Add more certs generation. Update README.

README

@@ -1,7 +1,7 @@
-Certificates creation:
+The file ca.key can only be found in the encrypted archive for secrets.
-./create_conf.sh
 
-Then store the directory conf/ in the encrypted archive for secrets.
+Certificates are created as below and the directory conf is stored in the encrypted archive for secrets:
+./create_conf.sh
 
 Two docker-compose files are provided: one in host mode and one for regular docker network.
 

create_conf.sh

@@ -13,9 +13,11 @@ openssl x509 -req -days 3650 -CA ca.crt -CAkey ca.key -CAcreateserial -extension
 openssl req -nodes -new -keyout client2.key -out client2.csr -subj "/C=FR/O=scimetis/CN=serveur-appart.scimetis.net" -reqexts usr_cert -config ../openssl.conf
 openssl x509 -req -days 3650 -CA ca.crt -CAkey ca.key -CAcreateserial -extensions usr_cert -extfile ../openssl.conf -in client2.csr -out client2.crt
 
-NAME=modane
+for NAME in modane Y10
+do
   openssl req -nodes -new -keyout ${NAME}.key -out ${NAME}.csr -subj "/C=FR/O=scimetis/CN=${NAME}.scimetis.net" -reqexts usr_cert -config ../openssl.conf
   openssl x509 -req -days 3650 -CA ca.crt -CAkey ca.key -CAcreateserial -extensions usr_cert -extfile ../openssl.conf -in ${NAME}.csr -out ${NAME}.crt
+done
 
 chcon -R -u system_u -r object_r -t svirt_sandbox_file_t ./
 mkdir keys