1: rem set ssleay=..\out\ssleay
    2: set ssleay=%1
    3: 
    4: set reqcmd=%ssleay% req
    5: set x509cmd=%ssleay% x509
    6: set verifycmd=%ssleay% verify
    7: 
    8: set CAkey=\OpenSSL\keyCA.ss
    9: set CAcert=\OpenSSL\certCA.ss
   10: set CAserial=\OpenSSL\certCA.srl
   11: set CAreq=\OpenSSL\reqCA.ss
   12: cecopy ..\test\CAss.cnf CE:\OpenSSL
   13: set CAconf=\OpenSSL\CAss.cnf
   14: set CAreq2=\OpenSSL\req2CA.ss   
   15: 
   16: cecopy ..\test\Uss.cnf CE:\OpenSSL
   17: set Uconf=\OpenSSL\Uss.cnf
   18: set Ukey=\OpenSSL\keyU.ss
   19: set Ureq=\OpenSSL\reqU.ss
   20: set Ucert=\OpenSSL\certU.ss
   21: 
   22: echo make a certificate request using 'req'
   23: cerun CE:\OpenSSL\%reqcmd% -config %CAconf% -out %CAreq% -keyout %CAkey% -new
   24: if errorlevel 1 goto e_req
   25: 
   26: echo convert the certificate request into a self signed certificate using 'x509'
   27: cerun CE:\OpenSSL\%x509cmd% -CAcreateserial -in %CAreq% -days 30 -req -out %CAcert% -signkey %CAkey% "> \OpenSSL\err.ss"
   28: if errorlevel 1 goto e_x509
   29: 
   30: echo --
   31: echo convert a certificate into a certificate request using 'x509'
   32: cerun CE:\OpenSSL\%x509cmd% -in %CAcert% -x509toreq -signkey %CAkey% -out %CAreq2% "> \OpenSSL\err.ss"
   33: if errorlevel 1 goto e_x509_2
   34: 
   35: cerun CE:\OpenSSL\%reqcmd% -verify -in %CAreq% -noout
   36: if errorlevel 1 goto e_vrfy_1
   37: 
   38: cerun CE:\OpenSSL\%reqcmd% -verify -in %CAreq2% -noout
   39: if errorlevel 1 goto e_vrfy_2
   40: 
   41: cerun CE:\OpenSSL\%verifycmd% -CAfile %CAcert% %CAcert%
   42: if errorlevel 1 goto e_vrfy_3
   43: 
   44: echo --
   45: echo make another certificate request using 'req'
   46: cerun CE:\OpenSSL\%reqcmd% -config %Uconf% -out %Ureq% -keyout %Ukey% -new "> \OpenSSL\err.ss"
   47: if errorlevel 1 goto e_req_gen
   48: 
   49: echo --
   50: echo sign certificate request with the just created CA via 'x509'
   51: cerun CE:\OpenSSL\%x509cmd% -CAcreateserial -in %Ureq% -days 30 -req -out %Ucert% -CA %CAcert% -CAkey %CAkey% -CAserial %CAserial%
   52: if errorlevel 1 goto e_x_sign
   53: 
   54: cerun CE:\OpenSSL\%verifycmd% -CAfile %CAcert% %Ucert%
   55: echo --
   56: echo Certificate details
   57: cerun CE:\OpenSSL\%x509cmd% -subject -issuer -startdate -enddate -noout -in %Ucert%
   58: 
   59: cecopy CE:%CAcert% .
   60: cecopy CE:%CAkey% .
   61: cecopy CE:%CAserial% .
   62: cecopy CE:%Ucert% .
   63: cecopy CE:%Ukey% .
   64: 
   65: echo Everything appeared to work
   66: echo --
   67: echo The generated CA certificate is %CAcert%
   68: echo The generated CA private key is %CAkey%
   69: echo The current CA signing serial number is in %CAserial%
   70: 
   71: echo The generated user certificate is %Ucert%
   72: echo The generated user private key is %Ukey%
   73: echo --
   74: 
   75: cedel CE:\OpenSSL\err.ss
   76: 
   77: goto end
   78: 
   79: :e_req
   80: echo error using 'req' to generate a certificate request
   81: goto end
   82: :e_x509
   83: echo error using 'x509' to self sign a certificate request
   84: goto end
   85: :e_x509_2
   86: echo error using 'x509' convert a certificate to a certificate request
   87: goto end
   88: :e_vrfy_1
   89: echo first generated request is invalid
   90: goto end
   91: :e_vrfy_2
   92: echo second generated request is invalid
   93: goto end
   94: :e_vrfy_3
   95: echo first generated cert is invalid
   96: goto end
   97: :e_req_gen
   98: echo error using 'req' to generate a certificate request
   99: goto end
  100: :e_x_sign
  101: echo error using 'x509' to sign a certificate request
  102: goto end
  103: 
  104: :end