From f055cad650a4b74013fd34ef3441b70a4b7fa409 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Joann=20M=C3=B5ndresku?= <joann@cernodile.com>
Date: Wed, 15 May 2024 22:30:21 +0300
Subject: [PATCH] Cert must be fullchain for most webservers

---
 content/posts/reverse-engineering-a-mobile-app-protobuf-api.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/content/posts/reverse-engineering-a-mobile-app-protobuf-api.md b/content/posts/reverse-engineering-a-mobile-app-protobuf-api.md
index 00a28c9..3ef80ca 100644
--- a/content/posts/reverse-engineering-a-mobile-app-protobuf-api.md
+++ b/content/posts/reverse-engineering-a-mobile-app-protobuf-api.md
@@ -126,7 +126,8 @@ openssl req -x509 -new -nodes -key myCA.key -sha256 -days 1825 -out myCA.pem
 # Create a CSR and lets have the new CA sign it
 openssl genrsa -out auxbrain.key 2048
 openssl req -new -key auxbrain.key -out auxbrain.csr -nodes
-openssl x509 -req -in auxbrain.csr -CA myCA.pem -CAkey myCA.key -CAcreateserial -out auxbrain.pem -days 825 -sha256 -extfile auxbrain.ext
+openssl x509 -req -in auxbrain.csr -CA myCA.pem -CAkey myCA.key -CAcreateserial -out auxbrain.crt -days 825 -sha256 -extfile auxbrain.ext
+cat auxbrain.crt myCA.pem > auxbrain.pem
 # You now have:
 # myCA.pem - the public certificate of your root CA
 # auxbrain.key - the private key for your webserver
-- 
2.25.1