temporary checkin
		
							parent
							
								
									b35241f7d0
								
							
						
					
					
						commit
						c72dc5389b
					
				| @ -2,5 +2,5 @@ | |||||||
| set -e | set -e | ||||||
| 
 | 
 | ||||||
| echo "Generating CA certificate..." | echo "Generating CA certificate..." | ||||||
| openssl req -config ${rootdir}/openssl.cnf -key ${rootdir}/key/ca.key -new -x509 -days 3650 -extensions v3_ca -out ${rootdir}/crt/ca.crt > /dev/null 2>&1 | openssl req -config ${rootdir}/openssl.cnf -key ${rootdir}/key/ca.key -new -x509 -days 3650 -extensions v3_ca -subj "/CN=${ORGNAME}\(CA\)/O=${ORGNAME}/C=${ORGCNTRY}/ST=${ORGSTATE}/L=${ORGCITY}" -out ${rootdir}/crt/ca.crt > /dev/null 2>&1 | ||||||
| chmod 444 ${rootdir}/crt/ca.crt | chmod 444 ${rootdir}/crt/ca.crt | ||||||
|  | |||||||
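Review bot: The new `-subj` argument on the `openssl req` line interpolates `${ORGNAME}`, `${ORGCNTRY}`, `${ORGSTATE}` and `${ORGCITY}` without validation, so a value containing `/`, `+` or `=` changes the structure of the CA's distinguished name instead of staying inside one field. These values appear to come from interactive prompts elsewhere in the commit, so reject such characters before use, e.g. `case "${ORGNAME}" in *[/+=\\]*) echo "invalid ORGNAME" >&2; exit 1;; esac`. The same construction is used in the intermediate-CSR hunk and the per-name CSR hunk below. Separately, `> /dev/null 2>&1` discards openssl's error text, so a rejected subject only shows up as a silent `set -e` exit; keeping stderr would make that failure diagnosable.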
| @ -2,4 +2,4 @@ | |||||||
| set -e | set -e | ||||||
| 
 | 
 | ||||||
| echo "Generating intermediate CSR..." | echo "Generating intermediate CSR..." | ||||||
| openssl req -config ${rootdir}/intermediate/openssl.cnf -new -sha512 -key ${rootdir}/intermediate/key/intermediate.key -out ${rootdir}/intermediate/csr/intermediate.csr > /dev/null 2>&1 | openssl req -config ${rootdir}/intermediate/openssl.cnf -new -sha512 -subj "/CN=${ORGNAME}\(intermediate\)/O=${ORGNAME}/C=${ORGCNTRY}/ST=${ORGSTATE}/L=${ORGCITY}" -key ${rootdir}/intermediate/key/intermediate.key -out ${rootdir}/intermediate/csr/intermediate.csr > /dev/null 2>&1 | ||||||
|  | |||||||
| @ -2,5 +2,5 @@ | |||||||
| set -e | set -e | ||||||
| 
 | 
 | ||||||
| echo "Generating intermediate key..." | echo "Generating intermediate key..." | ||||||
| openssl genrsa -out ${rootdir}/intermdiate/key/ca.key 4096 > /dev/null 2>&1 | openssl genrsa -out ${rootdir}/intermediate/key/intermediate.key 4096 > /dev/null 2>&1 | ||||||
| chmod 400 ${rootdir}/intermediate/key/ca.key | chmod 400 ${rootdir}/intermediate/key/intermediate.key | ||||||
|  | |||||||
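Review bot: The intermediate CA key is written by `openssl genrsa -out …` and only restricted by the `chmod 400` on the following line, so depending on the OpenSSL version and the caller's umask the file may briefly be readable by other users. Setting `umask 077` before the `openssl genrsa` line closes that window regardless of version. The key is also written unencrypted; if that is intentional for unattended signing, a comment saying so would help, otherwise a passphrase-protected key is the safer default for a CA. The paths are unquoted, so `"${rootdir}/intermediate/key/intermediate.key"` is needed if `rootdir` can ever contain whitespace.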
| @ -2,4 +2,4 @@ | |||||||
| set -e | set -e | ||||||
| 
 | 
 | ||||||
| echo "Generating CSR (${1})..." | echo "Generating CSR (${1})..." | ||||||
| openssl req -config ${rootdir}/intermediate/openssl.cnf -new -sha512 -key ${rootdir}/key/${1}.key -out ${rootdir}/csr/${1}.csr > /dev/null 2>&1 | openssl req -config ${rootdir}/intermediate/openssl.cnf -new -sha512 -subj "/CN=${1}/O=${ORGNAME}/C=${ORGCNTRY}/ST=${ORGSTATE}/L=${ORGCITY}" -key ${rootdir}/key/${1}.key -out ${rootdir}/csr/${1}.csr > /dev/null 2>&1 | ||||||
|  | |||||||
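Review bot: `${1}` is used unchecked on the `openssl req` line, both as the certificate CN and as part of the key and CSR file names, so an empty or path-like argument yields a malformed subject and file paths outside `key/` and `csr/`. A guard before the `echo`, such as `case "${1}" in ''|*[!A-Za-z0-9._-]*) echo "invalid name" >&2; exit 1;; esac`, covers both uses and works under plain `sh`, which is how the sibling scripts are invoked elsewhere in this commit. Quoting the expansions (`"${rootdir}/key/${1}.key"`) is still worth doing after the check.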
							
								
								
									
										36
									
								
								new.ca.sh
									
									
									
									
									
								
							
							
						
						
									
										36
									
								
								new.ca.sh
									
									
									
									
									
								
							| @ -1,27 +1,31 @@ | |||||||
| #!/bin/bash | #!/bin/bash | ||||||
| set -e | set -e | ||||||
|  | set -x | ||||||
| 
 | 
 | ||||||
| 
 | 
 | ||||||
| rootdir='/root/ssl/ca' | rootdir='/tmp/ssl/ca' | ||||||
| bindir="$(dirname ${0})" | bindir="$(dirname ${0})" | ||||||
| export rootdir | export rootdir | ||||||
| export bindir | export bindir | ||||||
| 
 | 
 | ||||||
| echo "If you continue, I will completely DELETE (if found):" | if [[ -d "${rootdir}" ]]; | ||||||
| echo " ${rootdir}/key" |  | ||||||
| echo " ${rootdir}/crt" |  | ||||||
| echo " ${rootdir}/crl" |  | ||||||
| echo " ${rootdir}/csr" |  | ||||||
| echo " ${rootdir}/index.txt" |  | ||||||
| echo " ${rootdir}/serial" |  | ||||||
| echo |  | ||||||
| echo "To continue, type YESIAMCRAZY and hit the enter key." |  | ||||||
| read RUCRAZY |  | ||||||
| 
 |  | ||||||
| if [[ "${RUCRAZY}" != 'YESIAMCRAZY' ]]; |  | ||||||
| then | then | ||||||
| 	echo '"IAMCRAZY" *NOT* entered. Quitting.' | 	echo "If you continue, I will completely DELETE (if found):" | ||||||
| 	exit 1 | 	echo " ${rootdir}/key" | ||||||
|  | 	echo " ${rootdir}/crt" | ||||||
|  | 	echo " ${rootdir}/crl" | ||||||
|  | 	echo " ${rootdir}/csr" | ||||||
|  | 	echo " ${rootdir}/index.txt" | ||||||
|  | 	echo " ${rootdir}/serial" | ||||||
|  | 	echo | ||||||
|  | 	echo "To continue, type YESIAMCRAZY and hit the enter key." | ||||||
|  | 	read RUCRAZY | ||||||
|  | 	 | ||||||
|  | 	if [[ "${RUCRAZY}" != 'YESIAMCRAZY' ]]; | ||||||
|  | 	then | ||||||
|  | 		echo '"IAMCRAZY" *NOT* entered. Quitting.' | ||||||
|  | 		exit 1 | ||||||
|  | 	fi | ||||||
| fi | fi | ||||||
| 
 | 
 | ||||||
| echo "Deleting CA hierarchy and creating clean..." | echo "Deleting CA hierarchy and creating clean..." | ||||||
| @ -136,7 +140,7 @@ echo -n "Lastly, what email address should be used for the SSL administrator? " | |||||||
| read SSLADMIN | read SSLADMIN | ||||||
| export SSLADMIN | export SSLADMIN | ||||||
| 
 | 
 | ||||||
| sed -i -e "s/%%TEMPLATE_ORG%%/${ORGNAME}/g ; s/%%TEMPLATE_DOMAIN%%/${ORGSITE}/g ; s/%%TEMPLATE_ROOTDIR%%/${rootdir}/g ; s/%%TEMPLATE_COUNTRY%%/${ORGCNTRY}/g ; s/%%TEMPLATE_STATE%%/${ORGSTATE}/g ; s/%%TEMPLATE_CITY%%/${ORGCITY}/g ; s/%%TEMPLATE_SSLADMIN%%/${SSLADMIN}/g" ${rootdir}/openssl.cnf | sed -i -e "s/%%TEMPLATE_ORG%%/${ORGNAME}/g ; s/%%TEMPLATE_DOMAIN%%/${ORGSITE}/g ; s@%%TEMPLATE_ROOTDIR%%@${rootdir}@g ; s/%%TEMPLATE_COUNTRY%%/${ORGCNTRY}/g ; s/%%TEMPLATE_STATE%%/${ORGSTATE}/g ; s/%%TEMPLATE_CITY%%/${ORGCITY}/g ; s/%%TEMPLATE_SSLADMIN%%/${SSLADMIN}/g" ${rootdir}/openssl.cnf | ||||||
| 
 | 
 | ||||||
| NEWCA='yes' | NEWCA='yes' | ||||||
| export NEWCA | export NEWCA | ||||||
|  | |||||||
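Review bot: `rootdir='/tmp/ssl/ca'` and the added `set -x` look like debugging leftovers and should not land as-is. `/tmp` is world-writable and the path is predictable, so the CA keys and `openssl.cnf` would be created somewhere another local user can pre-create or replace. `set -x` also echoes every expanded command, including the prompt answers, to the terminal or any captured log. Restore `rootdir='/root/ssl/ca'` and drop `set -x` before merging; for test runs, take the directory from an explicit override rather than editing the default. The moved prompt would also be safer as `read -r RUCRAZY`.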
| @ -22,6 +22,15 @@ then | |||||||
| 	read RUCRAZY2 | 	read RUCRAZY2 | ||||||
| else | else | ||||||
| 	RUCRAZY2='YESIAMCRAZY' | 	RUCRAZY2='YESIAMCRAZY' | ||||||
|  | 	export rootdir | ||||||
|  | 	export bindir | ||||||
|  | 	export ORGNAME | ||||||
|  | 	export ORGSITE | ||||||
|  | 	export ORGCNTRY | ||||||
|  | 	export ORGSTATE | ||||||
|  | 	export ORGCITY | ||||||
|  | 	export SSLADMIN | ||||||
|  | 	export NEWCA | ||||||
| fi | fi | ||||||
| 
 | 
 | ||||||
| if [[ "${RUCRAZY2}" != 'YESIAMCRAZY' ]];  | if [[ "${RUCRAZY2}" != 'YESIAMCRAZY' ]];  | ||||||
| @ -146,7 +155,7 @@ then | |||||||
| 	export SSLADMIN | 	export SSLADMIN | ||||||
| fi | fi | ||||||
| 
 | 
 | ||||||
| sed -i -e "s/%%TEMPLATE_ORG%%/${ORGNAME}/g ; s/%%TEMPLATE_DOMAIN%%/${ORGSITE}/g ; s/%%TEMPLATE_ROOTDIR%%/${rootdir}/g ; s/%%TEMPLATE_COUNTRY%%/${ORGCNTRY}/g ; s/%%TEMPLATE_STATE%%/${ORGSTATE}/g ; s/%%TEMPLATE_CITY%%/${ORGCITY}/g ; s/%%TEMPLATE_SSLADMIN%%/${SSLADMIN}/g" ${rootdir}/intermediate/openssl.cnf | sed -i -e "s/%%TEMPLATE_ORG%%/${ORGNAME}/g ; s/%%TEMPLATE_DOMAIN%%/${ORGSITE}/g ; s@%%TEMPLATE_ROOTDIR%%@${rootdir}@g ; s/%%TEMPLATE_COUNTRY%%/${ORGCNTRY}/g ; s/%%TEMPLATE_STATE%%/${ORGSTATE}/g ; s/%%TEMPLATE_CITY%%/${ORGCITY}/g ; s/%%TEMPLATE_SSLADMIN%%/${SSLADMIN}/g" ${rootdir}/intermediate/openssl.cnf | ||||||
| 
 | 
 | ||||||
| sh ${bindir}/gen.intermediate.key.sh | sh ${bindir}/gen.intermediate.key.sh | ||||||
| sh ${bindir}/gen.intermediate.csr.sh | sh ${bindir}/gen.intermediate.csr.sh | ||||||
|  | |||||||
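Review bot: Switching only the `%%TEMPLATE_ROOTDIR%%` expression to the `@` delimiter handles the slashes in `rootdir`, but every other prompt-supplied value on the `sed -i` line is still pasted raw into a `/`-delimited replacement. An `ORGNAME` or `ORGSITE` containing `/`, `&` or `\` therefore either aborts sed or writes something other than the typed text into `openssl.cnf`. Escape each value before substitution, e.g. `esc() { printf '%s' "$1" | sed 's|[\\/&@]|\\&|g'; }`, and quote the target as `"${rootdir}/intermediate/openssl.cnf"`. The identical `sed` line in the new.ca.sh hunk has the same issue.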