diff --git a/ssl/mkrootca.sh b/ssl/mkrootca.sh
index cea755b9..f19673d1 100755
--- a/ssl/mkrootca.sh
+++ b/ssl/mkrootca.sh
@@ -1,6 +1,45 @@
 #!/bin/sh
 echo Creating Root CA 
-openssl genrsa -des3 -out root-ca.key 1536 -config openssl.cnf
-openssl req -new -x509 -days 3365 -key root-ca.key -out root-ca.crt -config openssl.cnf 
+
+KEYSIZE=2048
+CONFIG=openssl.cnf
+
+ROOT_CA_DIR=./root-ca
+INT_CA_DIR=./intermediate-ca
+
+if [ ! -e $ROOT_CA_DIR ] 
+then
+	echo "Initializing root-ca"
+	mkdir $ROOT_CA_DIR
+	echo '1000' > $ROOT_CA_DIR/serial
+	touch $ROOT_CA_DIR/index.txt
+fi
+
+openssl req -nodes -new -x509 \
+	-sha1 \
+	-extensions v3_ca \
+	-days 3650 \
+	-newkey rsa:2048 \
+	-keyout $ROOT_CA_DIR/root-ca.key -out $ROOT_CA_DIR/root-ca.crt \
+	-config openssl.cnf \
+	-x509 \
+        -subj /C=DE/ST=Berlin/L=Berlin/O=Cauwersin/CN=7u83.cauwersin.com/emailAddress=7u83@mail.ru 
 
 
+
+if [ ! -e $INT_CA_DIR ] 
+then
+	echo "Initializing intermediate-ca"
+	mkdir $INT_CA_DIR
+	echo '1000' > $INT_CA_DIR/serial
+	touch $INT_CA_DIR/index.txt
+fi
+
+openssl genrsa -out $INT_CA_DIR/int-ca.key $KEYSIZE
+openssl req -sha1 -new -key $INT_CA_DIR/int-ca.key -out $INT_CA_DIR/int-ca.csr \
+        -subj /C=DE/ST=Berlin/L=Berlin/O=Cauwersin/CN=7u83.cauwersin.com/emailAddress=7u83@mail.ru 
+
+
+openssl ca -config openssl.cnf -keyfile $ROOT_CA_DIR/root-ca.key -cert $ROOT_CA_DIR/root-ca.crt \
+	-extensions v3_ca -notext -md sha1 -in $INT_CA_DIR/int-ca.csr -out $INT_CA_DIR/int-ca.crt
+