r00t2/ssladmin
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

v1! working now. should create full PKI.

Browse Source 
TODO: add better standalone-script support (e.g. adding clients), conf support (so they all pull their variables from the same place), etc.
This commit is contained in:
brent s. 2016-02-22 14:49:15 -05:00
parent d09aa3281e
commit 125919ee3a
4 changed files with 15 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
gen.intermediate.cert.sh
View File

@ -2,5 +2,5 @@
set -e

echo "Generating intermediate certificate..."
openssl CA -config ${rootdir}/openssl.cnf -days 3650 -extensions v3_ca -notext -md sha512 -in ${rootdir}/intermediate/csr/intermediate.csr -out ${rootdir}/intermediate/crt/intermediate.crt > /dev/null 2>&1
openssl ca -config ${rootdir}/openssl.cnf -batch -days 3650 -extensions v3_ca -notext -md sha512 -in ${rootdir}/intermediate/csr/intermediate.csr -out ${rootdir}/intermediate/crt/intermediate.crt > /dev/null 2>&1
chmod 444 ${rootdir}/intermediate/crt/intermediate.crt

6
gen.serverclient.cert-server.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
set -e

echo "Generating certificate (${1})..."
openssl CA -config ${rootdir}/intermediate/openssl.cnf -days 3650 -extensions server_cert -notext -md sha512 -in ${rootdir}/csr/${1}.csr -out ${rootdir}/crt/${1}.crt > /dev/null 2>&1
chmod 444 ${rootdir}/${1}/crt/${1}.crt
echo "Generating certificate (${1}) (server certificate)..."
openssl ca -config ${rootdir}/intermediate/openssl.cnf -batch -days 3650 -extensions server_cert -notext -md sha512 -in ${rootdir}/csr/${1}.csr -out ${rootdir}/crt/${1}.crt > /dev/null 2>&1
chmod 444 ${rootdir}/crt/${1}.crt

6
gen.serverclient.cert-user.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
set -e

echo "Generating certificate (${1})..."
openssl CA -config ${rootdir}/intermediate/openssl.cnf -days 3650 -extensions usr_cert -notext -md sha512 -in ${rootdir}/csr/${1}.csr -out ${rootdir}/crt/${1}.crt > /dev/null 2>&1
chmod 444 ${rootdir}/crt/${1}.crt
echo "Generating certificate (${1}) (user)..."
openssl ca -config ${rootdir}/intermediate/openssl.cnf -batch -days 3650 -extensions usr_cert -notext -md sha512 -in ${rootdir}/csr/${1}.csr -out ${rootdir}/crt/${1}.user.crt > /dev/null 2>&1
chmod 444 ${rootdir}/crt/${1}.user.crt

8
gen.serverclient.chain.sh Normal file
View File

@ -0,0 +1,8 @@
#!/bin/bash
set -e

echo "Generating chain cert files (${1})..."
cat ${rootdir}/crt/${1}.crt ${rootdir}/intermediate/crt/intermediate-chained.crt > ${rootdir}/crt/${1}-chained.crt
#cat ${rootdir}/crt/${1}.user.crt ${rootdir}/intermediate/crt/intermediate-chained.crt > ${rootdir}/crt/${1}.user-chained.crt
chmod 444 ${rootdir}/crt/${1}-chained.crt
#chmod 444 ${rootdir}/crt/${1}.user-chained.crt