11573Srgrimes#!/bin/sh 21573Srgrimes 31573Srgrimes# This script will re-make all the required certs. 41573Srgrimes# cd apps 51573Srgrimes# sh ../util/mkcerts.sh 61573Srgrimes# mv ca-cert.pem pca-cert.pem ../certs 71573Srgrimes# cd .. 81573Srgrimes# cat certs/*.pem >>apps/server.pem 91573Srgrimes# cat certs/*.pem >>apps/server2.pem 101573Srgrimes# SSLEAY=`pwd`/apps/ssleay; export SSLEAY 111573Srgrimes# sh tools/c_rehash certs 121573Srgrimes# 131573Srgrimes 141573SrgrimesCAbits=1024 151573SrgrimesSSLEAY="../apps/openssl" 161573SrgrimesCONF="-config ../apps/openssl.cnf" 171573Srgrimes 181573Srgrimes# create pca request. 191573Srgrimesecho creating $CAbits bit PCA cert request 201573Srgrimes$SSLEAY req $CONF \ 211573Srgrimes -new -md5 -newkey $CAbits \ 221573Srgrimes -keyout pca-key.pem \ 231573Srgrimes -out pca-req.pem -nodes >/dev/null <<EOF 241573SrgrimesAU 251573SrgrimesQueensland 261573Srgrimes. 271573SrgrimesCryptSoft Pty Ltd 281573Srgrimes. 2950476SpeterTest PCA (1024 bit) 301573Srgrimes 31178245Skib 321573Srgrimes 3379531SruEOF 341573Srgrimes 35178245Skibif [ $? != 0 ]; then 36178245Skib echo problems generating PCA request 37178245Skib exit 1 3884805Srufi 3959460Sphantom 4059460Sphantom#sign it. 411573Srgrimesecho 4284306Sruecho self signing PCA 431573Srgrimes$SSLEAY x509 -md5 -days 1461 \ 441573Srgrimes -req -signkey pca-key.pem \ 4583797Srwatson -CAcreateserial -CAserial pca-cert.srl \ 4683797Srwatson -in pca-req.pem -out pca-cert.pem 47178245Skib 48178245Skibif [ $? != 0 ]; then 491573Srgrimes echo problems self signing PCA cert 501573Srgrimes exit 1 511573Srgrimesfi 5283797Srwatsonecho 5383797Srwatson 54108028Sru# create ca request. 551573Srgrimesecho creating $CAbits bit CA cert request 5684805Sru$SSLEAY req $CONF \ 571573Srgrimes -new -md5 -newkey $CAbits \ 5884805Sru -keyout ca-key.pem \ 591573Srgrimes -out ca-req.pem -nodes >/dev/null <<EOF 6084805SruAU 6184805SruQueensland 6284805Sru. 631573SrgrimesCryptSoft Pty Ltd 641573Srgrimes. 6584805SruTest CA (1024 bit) 661573Srgrimes 6784805Sru 681573Srgrimes 691573SrgrimesEOF 7084805Sru 711573Srgrimesif [ $? != 0 ]; then 7284805Sru echo problems generating CA request 7384805Sru exit 1 7484805Srufi 751573Srgrimes 7681362Smike#sign it. 7784805Sruecho 7881362Smikeecho signing CA 7981362Smike$SSLEAY x509 -md5 -days 1461 \ 8081362Smike -req \ 8184805Sru -CAcreateserial -CAserial pca-cert.srl \ 8283797Srwatson -CA pca-cert.pem -CAkey pca-key.pem \ 83108028Sru -in ca-req.pem -out ca-cert.pem 8484805Sru 8584805Sruif [ $? != 0 ]; then 8684805Sru echo problems signing CA cert 8783797Srwatson exit 1 88108028Srufi 8984805Sruecho 9084805Sru 9184805Sru# create server request. 921573Srgrimesecho creating 512 bit server cert request 93178245Skib$SSLEAY req $CONF \ 94178245Skib -new -md5 -newkey 512 \ 95178245Skib -keyout s512-key.pem \ 96178245Skib -out s512-req.pem -nodes >/dev/null <<EOF 97178245SkibAU 98178245SkibQueensland 99178245Skib. 100178245SkibCryptSoft Pty Ltd 101178245Skib. 102178245SkibServer test cert (512 bit) 103178245Skib 104178245Skib 105178245Skib 106178245SkibEOF 107178245Skib 108178245Skibif [ $? != 0 ]; then 109178245Skib echo problems generating 512 bit server cert request 110178245Skib exit 1 111178245Skibfi 112178245Skib 113178245Skib#sign it. 114178245Skibecho 115178245Skibecho signing 512 bit server cert 116178245Skib$SSLEAY x509 -md5 -days 365 \ 117178245Skib -req \ 118178245Skib -CAcreateserial -CAserial ca-cert.srl \ 119178245Skib -CA ca-cert.pem -CAkey ca-key.pem \ 120178245Skib -in s512-req.pem -out server.pem 121178245Skib 122178245Skibif [ $? != 0 ]; then 123178245Skib echo problems signing 512 bit server cert 124178245Skib exit 1 12583797Srwatsonfi 12681362Smikeecho 1271573Srgrimes 1281573Srgrimes# create 1024 bit server request. 1291573Srgrimesecho creating 1024 bit server cert request 1301573Srgrimes$SSLEAY req $CONF \ 1311573Srgrimes -new -md5 -newkey 1024 \ 1321573Srgrimes -keyout s1024key.pem \ 1331573Srgrimes -out s1024req.pem -nodes >/dev/null <<EOF 13484805SruAU 1351573SrgrimesQueensland 1361573Srgrimes. 1371573SrgrimesCryptSoft Pty Ltd 1381573Srgrimes. 1391573SrgrimesServer test cert (1024 bit) 1401573Srgrimes 1411573Srgrimes 1421573Srgrimes 1431573SrgrimesEOF 1441573Srgrimes 1451573Srgrimesif [ $? != 0 ]; then 1461573Srgrimes echo problems generating 1024 bit server cert request 1471573Srgrimes exit 1 1481573Srgrimesfi 1491573Srgrimes 1501573Srgrimes#sign it. 1511573Srgrimesecho 1521573Srgrimesecho signing 1024 bit server cert 1531573Srgrimes$SSLEAY x509 -md5 -days 365 \ 1541573Srgrimes -req \ 15581362Smike -CAcreateserial -CAserial ca-cert.srl \ 1561573Srgrimes -CA ca-cert.pem -CAkey ca-key.pem \ 157108087Sru -in s1024req.pem -out server2.pem 15884805Sru 159108087Sruif [ $? != 0 ]; then 1601573Srgrimes echo problems signing 1024 bit server cert 1611573Srgrimes exit 1 1621573Srgrimesfi 1631573Srgrimesecho 164178245Skib 165178245Skib# create 512 bit client request. 166178245Skibecho creating 512 bit client cert request 167178245Skib$SSLEAY req $CONF \ 168178245Skib -new -md5 -newkey 512 \ 169178245Skib -keyout c512-key.pem \ 170178245Skib -out c512-req.pem -nodes >/dev/null <<EOF 171178245SkibAU 172178245SkibQueensland 173178245Skib. 174178245SkibCryptSoft Pty Ltd 175178245Skib. 176178245SkibClient test cert (512 bit) 177178245Skib 178178245Skib 179178245Skib 180178245SkibEOF 181178245Skib 182178245Skibif [ $? != 0 ]; then 183178245Skib echo problems generating 512 bit client cert request 184178245Skib exit 1 185178245Skibfi 186178245Skib 187178245Skib#sign it. 188178245Skibecho 189178245Skibecho signing 512 bit client cert 190178245Skib$SSLEAY x509 -md5 -days 365 \ 191208027Suqs -req \ 192208027Suqs -CAcreateserial -CAserial ca-cert.srl \ 193208027Suqs -CA ca-cert.pem -CAkey ca-key.pem \ 194208027Suqs -in c512-req.pem -out client.pem 195208027Suqs 196208027Suqsif [ $? != 0 ]; then 197208027Suqs echo problems signing 512 bit client cert 198208027Suqs exit 1 199208027Suqsfi 200208027Suqs 201208027Suqsecho cleanup 202208027Suqs 203208027Suqscat pca-key.pem >> pca-cert.pem 204208027Suqscat ca-key.pem >> ca-cert.pem 205208027Suqscat s512-key.pem >> server.pem 206208027Suqscat s1024key.pem >> server2.pem 207208027Suqscat c512-key.pem >> client.pem 208208027Suqs 209208027Suqsfor i in pca-cert.pem ca-cert.pem server.pem server2.pem client.pem 210208027Suqsdo 211208027Suqs$SSLEAY x509 -issuer -subject -in $i -noout >$$ 21299214Schriscat $$ 21320097Swosch/bin/cat $i >>$$ 21420097Swosch/bin/mv $$ $i 215108028Srudone 21683797Srwatson 2171573Srgrimes#/bin/rm -f *key.pem *req.pem *.srl 21884805Sru 21984805Sruecho Finished 22083797Srwatson 22183797Srwatson