Update CyaSSL to latest version.

FreeRTOS-Plus/Source/CyaSSL/certs/taoCert.txt

@@ -1,11 +1,11 @@
 
 ***** Create a self signed cert ************
 
-1) openssl genrsa 512 > client-key.pem
+1) openssl genrsa 1024 > client-key.pem
 
-2) openssl req -new -x509 -nodes -md5 -days 1000 -key client-key.pem > client-cert.pem
+2) openssl req -new -x509 -nodes -sha1 -days 1000 -key client-key.pem > client-cert.pem
 
-3) note sha1 would be -sha1
+3) note md5 would be -md5
 
 -- adding metadata to beginning
 
@@ -21,15 +21,31 @@ same as self signed, use ca prefix instead of client
 
 ***** Create a cert signed by CA **************
 
-1) openssl req -newkey rsa:512 -md5 -days 1000 -nodes -keyout server-key.pem > server-req.pem
+1) openssl req -newkey rsa:1024 -sha1 -days 1000 -nodes -keyout server-key.pem > server-req.pem
 
 * note if using exisitng key do: -new -key keyName
 
 2) copy ca-key.pem ca-cert.srl   (why ????)
 
-3) openssl x509 -req -in server-req.pem -days 1000 -md5 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem
+3) openssl x509 -req -in server-req.pem -days 1000 -sha1 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem
 
 
+***** Adding Subject Key ID and Authentication Key ID extensions to a cert *****
+
+Create a config file for OpenSSL with the example contents:
+
+    [skidakid]
+    subjectKeyIdentifier=hash
+    authorityKeyIdentifier=keyid
+
+Add to the openssl command for creating a cert signed by a CA step 3 the
+following options:
+
+    -extfile <file.cnf> -extensions skidakid
+
+anywhere before the redirect. This will add the cert's public key hash as the
+Subject Key Identifier, and the signer's SKID as the Authentication Key ID.
+
 
 ***** To create a dsa cert ********************