I am trying to figure out how to make an EV code signing certificate with a custom CA. The only things I could find on Google were for web certificates.
This is how I currently make a regular code signing certificate:

```sh
openssl req -newkey rsa:2048 -keyout certs/key.key -out certs/key.csr
openssl x509 -req -days 360 -in certs/key.csr -CA CA-Pub.pem -CAkey CA-Priv.key -CAcreateserial -out certs/key.crt
```

I am sorry if this is formatted badly; I am quite new to Stack Overflow (writing).
The difference with an EV certificate is that it has a CP (Certificate Policy) extension to identify (an OID) that this is an EV certificate.
Each CA has its own OID that identifies that this certificate is issued by this CA and that it is through the processes of validating as per EV standards.
The browser needs to recognize this EV CA and it does that through this special OID. Therefore you can create your own OID and use that in the CP extension. However, the browsers (or any other trusting application) need to approve and build trust for this CA and that it is capable of issuing EV certificates.
This has a section on inserting custom OIDs.
Also, this has details and links to RFC5280 where all of CP is explained.
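
An added example (not part of the original question or answer) of the approach the answer describes: the question's two `openssl` commands, extended with an extension file that sets the code signing EKU and a policy OID in `certificatePolicies`. The OID `1.3.6.1.4.1.99999.1.1`, the demo CA, the subject names and the helper function names are assumptions made for illustration. A verifier only treats the certificate as EV if it has been configured to trust this CA for that policy OID.

```shell
#!/bin/sh
# Added example: issue a code signing certificate that carries a custom
# policy OID in certificatePolicies, signed by a throwaway demo CA.
# ASSUMPTION: placeholder OID constructed for this example. Use an OID from
# an arc your organisation controls.
EV_POLICY_OID="1.3.6.1.4.1.99999.1.1"

issue_ev_codesign() {   # $1 = working directory (hypothetical helper)
    dir=$1
    mkdir -p "$dir/certs" || return 1
    # Demo CA standing in for CA-Pub.pem / CA-Priv.key. The key is left
    # unencrypted so the example runs non-interactively; protect a real CA key.
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=Demo Custom CA" \
        -keyout "$dir/CA-Priv.key" -out "$dir/CA-Pub.pem" 2>/dev/null || return 1
    # Subscriber key and CSR, as in the question.
    openssl req -newkey rsa:2048 -nodes -subj "/O=Example Org/CN=Example Org" \
        -keyout "$dir/certs/key.key" -out "$dir/certs/key.csr" 2>/dev/null || return 1
    # By default x509 -req copies no extensions from the CSR, so the EKU and
    # the policy OID are supplied through -extfile.
    cat > "$dir/ev.ext" <<EOF
basicConstraints = critical, CA:FALSE
keyUsage = critical, digitalSignature
extendedKeyUsage = codeSigning
certificatePolicies = $EV_POLICY_OID
EOF
    openssl x509 -req -days 360 -in "$dir/certs/key.csr" \
        -CA "$dir/CA-Pub.pem" -CAkey "$dir/CA-Priv.key" -CAcreateserial \
        -extfile "$dir/ev.ext" -out "$dir/certs/key.crt" 2>/dev/null
}

cert_text_has() {   # $1 = certificate file, $2 = literal string expected in its text dump
    openssl x509 -in "$1" -noout -text | grep -qF "$2"
}

# Demo run: issue into a temporary directory and confirm the policy is present.
demo_dir=$(mktemp -d)
if issue_ev_codesign "$demo_dir" &&
   cert_text_has "$demo_dir/certs/key.crt" "Policy: $EV_POLICY_OID"; then
    echo "issued $demo_dir/certs/key.crt with policy $EV_POLICY_OID"
fi
```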