1$! TESTSS.COM 2$ 3$ __arch := VAX 4$ if f$getsyi("cpu") .ge. 128 then __arch := AXP 5$ exe_dir := sys$disk:[-.'__arch'.exe.apps] 6$ 7$ digest="-md5" 8$ reqcmd := mcr 'exe_dir'openssl req 9$ x509cmd := mcr 'exe_dir'openssl x509 'digest' 10$ verifycmd := mcr 'exe_dir'openssl verify 11$ dummycnf := sys$disk:[-.apps]openssl-vms.cnf 12$ 13$ CAkey="""keyCA.ss""" 14$ CAcert="""certCA.ss""" 15$ CAreq="""reqCA.ss""" 16$ CAconf="""CAss.cnf""" 17$ CAreq2="""req2CA.ss""" ! temp 18$ 19$ Uconf="""Uss.cnf""" 20$ Ukey="""keyU.ss""" 21$ Ureq="""reqU.ss""" 22$ Ucert="""certU.ss""" 23$ 24$ write sys$output "" 25$ write sys$output "make a certificate request using 'req'" 26$ 27$ set noon 28$ define/user sys$output nla0: 29$ mcr 'exe_dir'openssl no-rsa 30$ save_severity=$SEVERITY 31$ set on 32$ if save_severity 33$ then 34$ req_new="-newkey dsa:[-.apps]dsa512.pem" 35$ else 36$ req_new="-new" 37$ endif 38$ 39$ 'reqcmd' -config 'CAconf' -out 'CAreq' -keyout 'CAkey' 'req_new' ! -out err.ss 40$ if $severity .ne. 1 41$ then 42$ write sys$output "error using 'req' to generate a certificate request" 43$ exit 3 44$ endif 45$ write sys$output "" 46$ write sys$output "convert the certificate request into a self signed certificate using 'x509'" 47$ define /user sys$output err.ss 48$ 'x509cmd' "-CAcreateserial" -in 'CAreq' -days 30 -req -out 'CAcert' -signkey 'CAkey' 49$ if $severity .ne. 1 50$ then 51$ write sys$output "error using 'x509' to self sign a certificate request" 52$ exit 3 53$ endif 54$ 55$ write sys$output "" 56$ write sys$output "convert a certificate into a certificate request using 'x509'" 57$ define /user sys$output err.ss 58$ 'x509cmd' -in 'CAcert' -x509toreq -signkey 'CAkey' -out 'CAreq2' 59$ if $severity .ne. 1 60$ then 61$ write sys$output "error using 'x509' convert a certificate to a certificate request" 62$ exit 3 63$ endif 64$ 65$ 'reqcmd' -config 'dummycnf' -verify -in 'CAreq' -noout 66$ if $severity .ne. 1 67$ then 68$ write sys$output "first generated request is invalid" 69$ exit 3 70$ endif 71$ 72$ 'reqcmd' -config 'dummycnf' -verify -in 'CAreq2' -noout 73$ if $severity .ne. 1 74$ then 75$ write sys$output "second generated request is invalid" 76$ exit 3 77$ endif 78$ 79$ 'verifycmd' "-CAfile" 'CAcert' 'CAcert' 80$ if $severity .ne. 1 81$ then 82$ write sys$output "first generated cert is invalid" 83$ exit 3 84$ endif 85$ 86$ write sys$output "" 87$ write sys$output "make another certificate request using 'req'" 88$ define /user sys$output err.ss 89$ 'reqcmd' -config 'Uconf' -out 'Ureq' -keyout 'Ukey' 'req_new' 90$ if $severity .ne. 1 91$ then 92$ write sys$output "error using 'req' to generate a certificate request" 93$ exit 3 94$ endif 95$ 96$ write sys$output "" 97$ write sys$output "sign certificate request with the just created CA via 'x509'" 98$ define /user sys$output err.ss 99$ 'x509cmd' "-CAcreateserial" -in 'Ureq' -days 30 -req -out 'Ucert' "-CA" 'CAcert' "-CAkey" 'CAkey' 100$ if $severity .ne. 1 101$ then 102$ write sys$output "error using 'x509' to sign a certificate request" 103$ exit 3 104$ endif 105$ 106$ 'verifycmd' "-CAfile" 'CAcert' 'Ucert' 107$ write sys$output "" 108$ write sys$output "Certificate details" 109$ 'x509cmd' -subject -issuer -startdate -enddate -noout -in 'Ucert' 110$ 111$ write sys$output "" 112$ write sys$output "The generated CA certificate is ",CAcert 113$ write sys$output "The generated CA private key is ",CAkey 114$ 115$ write sys$output "The generated user certificate is ",Ucert 116$ write sys$output "The generated user private key is ",Ukey 117$ 118$ if f$search("err.ss;*") .nes. "" then delete err.ss;* 119