(linenum→info "unix/slp.c:2238")

openssl/0.9.8g/util/mkcerts.sh

    1: #!/bin/sh
    2: 
    3: # This script will re-make all the required certs.
    4: # cd apps
    5: # sh ../util/mkcerts.sh
    6: # mv ca-cert.pem pca-cert.pem ../certs
    7: # cd ..
    8: # cat certs/*.pem >>apps/server.pem
    9: # cat certs/*.pem >>apps/server2.pem
   10: # SSLEAY=`pwd`/apps/ssleay; export SSLEAY
   11: # sh tools/c_rehash certs
   12: #
   13:  
   14: CAbits=1024
   15: SSLEAY="../apps/openssl"
   16: CONF="-config ../apps/openssl.cnf"
   17: 
   18: # create pca request.
   19: echo creating $CAbits bit PCA cert request
   20: $SSLEAY req $CONF \
   21:         -new -md5 -newkey $CAbits \
   22:         -keyout pca-key.pem \
   23:         -out pca-req.pem -nodes >/dev/null <<EOF
   24: AU
   25: Queensland
   26: .
   27: CryptSoft Pty Ltd
   28: .
   29: Test PCA (1024 bit)
   30: 
   31: 
   32: 
   33: EOF
   34: 
   35: if [ $? != 0 ]; then
   36:         echo problems generating PCA request
   37:         exit 1
   38: fi
   39: 
   40: #sign it.
   41: echo
   42: echo self signing PCA
   43: $SSLEAY x509 -md5 -days 1461 \
   44:         -req -signkey pca-key.pem \
   45:         -CAcreateserial -CAserial pca-cert.srl \
   46:         -in pca-req.pem -out pca-cert.pem
   47: 
   48: if [ $? != 0 ]; then
   49:         echo problems self signing PCA cert
   50:         exit 1
   51: fi
   52: echo
   53: 
   54: # create ca request.
   55: echo creating $CAbits bit CA cert request
   56: $SSLEAY req $CONF \
   57:         -new -md5 -newkey $CAbits \
   58:         -keyout ca-key.pem \
   59:         -out ca-req.pem -nodes >/dev/null <<EOF
   60: AU
   61: Queensland
   62: .
   63: CryptSoft Pty Ltd
   64: .
   65: Test CA (1024 bit)
   66: 
   67: 
   68: 
   69: EOF
   70: 
   71: if [ $? != 0 ]; then
   72:         echo problems generating CA request
   73:         exit 1
   74: fi
   75: 
   76: #sign it.
   77: echo
   78: echo signing CA
   79: $SSLEAY x509 -md5 -days 1461 \
   80:         -req \
   81:         -CAcreateserial -CAserial pca-cert.srl \
   82:         -CA pca-cert.pem -CAkey pca-key.pem \
   83:         -in ca-req.pem -out ca-cert.pem
   84: 
   85: if [ $? != 0 ]; then
   86:         echo problems signing CA cert
   87:         exit 1
   88: fi
   89: echo
   90: 
   91: # create server request.
   92: echo creating 512 bit server cert request
   93: $SSLEAY req $CONF \
   94:         -new -md5 -newkey 512 \
   95:         -keyout s512-key.pem \
   96:         -out s512-req.pem -nodes >/dev/null <<EOF
   97: AU
   98: Queensland
   99: .
  100: CryptSoft Pty Ltd
  101: .
  102: Server test cert (512 bit)
  103: 
  104: 
  105: 
  106: EOF
  107: 
  108: if [ $? != 0 ]; then
  109:         echo problems generating 512 bit server cert request
  110:         exit 1
  111: fi
  112: 
  113: #sign it.
  114: echo
  115: echo signing 512 bit server cert
  116: $SSLEAY x509 -md5 -days 365 \
  117:         -req \
  118:         -CAcreateserial -CAserial ca-cert.srl \
  119:         -CA ca-cert.pem -CAkey ca-key.pem \
  120:         -in s512-req.pem -out server.pem
  121: 
  122: if [ $? != 0 ]; then
  123:         echo problems signing 512 bit server cert
  124:         exit 1
  125: fi
  126: echo
  127: 
  128: # create 1024 bit server request.
  129: echo creating 1024 bit server cert request
  130: $SSLEAY req $CONF \
  131:         -new -md5 -newkey 1024 \
  132:         -keyout s1024key.pem \
  133:         -out s1024req.pem -nodes >/dev/null <<EOF
  134: AU
  135: Queensland
  136: .
  137: CryptSoft Pty Ltd
  138: .
  139: Server test cert (1024 bit)
  140: 
  141: 
  142: 
  143: EOF
  144: 
  145: if [ $? != 0 ]; then
  146:         echo problems generating 1024 bit server cert request
  147:         exit 1
  148: fi
  149: 
  150: #sign it.
  151: echo
  152: echo signing 1024 bit server cert
  153: $SSLEAY x509 -md5 -days 365 \
  154:         -req \
  155:         -CAcreateserial -CAserial ca-cert.srl \
  156:         -CA ca-cert.pem -CAkey ca-key.pem \
  157:         -in s1024req.pem -out server2.pem
  158: 
  159: if [ $? != 0 ]; then
  160:         echo problems signing 1024 bit server cert
  161:         exit 1
  162: fi
  163: echo
  164: 
  165: # create 512 bit client request.
  166: echo creating 512 bit client cert request
  167: $SSLEAY req $CONF \
  168:         -new -md5 -newkey 512 \
  169:         -keyout c512-key.pem \
  170:         -out c512-req.pem -nodes >/dev/null <<EOF
  171: AU
  172: Queensland
  173: .
  174: CryptSoft Pty Ltd
  175: .
  176: Client test cert (512 bit)
  177: 
  178: 
  179: 
  180: EOF
  181: 
  182: if [ $? != 0 ]; then
  183:         echo problems generating 512 bit client cert request
  184:         exit 1
  185: fi
  186: 
  187: #sign it.
  188: echo
  189: echo signing 512 bit client cert
  190: $SSLEAY x509 -md5 -days 365 \
  191:         -req \
  192:         -CAcreateserial -CAserial ca-cert.srl \
  193:         -CA ca-cert.pem -CAkey ca-key.pem \
  194:         -in c512-req.pem -out client.pem
  195: 
  196: if [ $? != 0 ]; then
  197:         echo problems signing 512 bit client cert
  198:         exit 1
  199: fi
  200: 
  201: echo cleanup
  202: 
  203: cat pca-key.pem  >> pca-cert.pem
  204: cat ca-key.pem   >> ca-cert.pem
  205: cat s512-key.pem >> server.pem
  206: cat s1024key.pem >> server2.pem
  207: cat c512-key.pem >> client.pem
  208: 
  209: for i in pca-cert.pem ca-cert.pem server.pem server2.pem client.pem
  210: do
  211: $SSLEAY x509 -issuer -subject -in $i -noout >$$
  212: cat $$
  213: /bin/cat $i >>$$
  214: /bin/mv $$ $i
  215: done
  216: 
  217: #/bin/rm -f *key.pem *req.pem *.srl
  218: 
  219: echo Finished
  220:
Syntax (Markdown)