temporary checkin
This commit is contained in:
parent
b35241f7d0
commit
c72dc5389b
@ -2,5 +2,5 @@
|
||||
set -e
|
||||
|
||||
echo "Generating CA certificate..."
|
||||
openssl req -config ${rootdir}/openssl.cnf -key ${rootdir}/key/ca.key -new -x509 -days 3650 -extensions v3_ca -out ${rootdir}/crt/ca.crt > /dev/null 2>&1
|
||||
openssl req -config ${rootdir}/openssl.cnf -key ${rootdir}/key/ca.key -new -x509 -days 3650 -extensions v3_ca -subj "/CN=${ORGNAME}\(CA\)/O=${ORGNAME}/C=${ORGCNTRY}/ST=${ORGSTATE}/L=${ORGCITY}" -out ${rootdir}/crt/ca.crt > /dev/null 2>&1
|
||||
chmod 444 ${rootdir}/crt/ca.crt
|
||||
|
@ -2,4 +2,4 @@
|
||||
set -e
|
||||
|
||||
echo "Generating intermediate CSR..."
|
||||
openssl req -config ${rootdir}/intermediate/openssl.cnf -new -sha512 -key ${rootdir}/intermediate/key/intermediate.key -out ${rootdir}/intermediate/csr/intermediate.csr > /dev/null 2>&1
|
||||
openssl req -config ${rootdir}/intermediate/openssl.cnf -new -sha512 -subj "/CN=${ORGNAME}\(intermediate\)/O=${ORGNAME}/C=${ORGCNTRY}/ST=${ORGSTATE}/L=${ORGCITY}" -key ${rootdir}/intermediate/key/intermediate.key -out ${rootdir}/intermediate/csr/intermediate.csr > /dev/null 2>&1
|
||||
|
@ -2,5 +2,5 @@
|
||||
set -e
|
||||
|
||||
echo "Generating intermediate key..."
|
||||
openssl genrsa -out ${rootdir}/intermdiate/key/ca.key 4096 > /dev/null 2>&1
|
||||
chmod 400 ${rootdir}/intermediate/key/ca.key
|
||||
openssl genrsa -out ${rootdir}/intermediate/key/intermediate.key 4096 > /dev/null 2>&1
|
||||
chmod 400 ${rootdir}/intermediate/key/intermediate.key
|
||||
|
@ -2,4 +2,4 @@
|
||||
set -e
|
||||
|
||||
echo "Generating CSR (${1})..."
|
||||
openssl req -config ${rootdir}/intermediate/openssl.cnf -new -sha512 -key ${rootdir}/key/${1}.key -out ${rootdir}/csr/${1}.csr > /dev/null 2>&1
|
||||
openssl req -config ${rootdir}/intermediate/openssl.cnf -new -sha512 -subj "/CN=${1}/O=${ORGNAME}/C=${ORGCNTRY}/ST=${ORGSTATE}/L=${ORGCITY}" -key ${rootdir}/key/${1}.key -out ${rootdir}/csr/${1}.csr > /dev/null 2>&1
|
||||
|
@ -1,12 +1,15 @@
|
||||
#!/bin/bash
|
||||
set -e
|
||||
set -x
|
||||
|
||||
|
||||
rootdir='/root/ssl/ca'
|
||||
rootdir='/tmp/ssl/ca'
|
||||
bindir="$(dirname ${0})"
|
||||
export rootdir
|
||||
export bindir
|
||||
|
||||
if [[ -d "${rootdir}" ]];
|
||||
then
|
||||
echo "If you continue, I will completely DELETE (if found):"
|
||||
echo " ${rootdir}/key"
|
||||
echo " ${rootdir}/crt"
|
||||
@ -23,6 +26,7 @@ then
|
||||
echo '"IAMCRAZY" *NOT* entered. Quitting.'
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
echo "Deleting CA hierarchy and creating clean..."
|
||||
# https://jamielinux.com/docs/openssl-certificate-authority/create-the-root-pair.html
|
||||
@ -136,7 +140,7 @@ echo -n "Lastly, what email address should be used for the SSL administrator? "
|
||||
read SSLADMIN
|
||||
export SSLADMIN
|
||||
|
||||
sed -i -e "s/%%TEMPLATE_ORG%%/${ORGNAME}/g ; s/%%TEMPLATE_DOMAIN%%/${ORGSITE}/g ; s/%%TEMPLATE_ROOTDIR%%/${rootdir}/g ; s/%%TEMPLATE_COUNTRY%%/${ORGCNTRY}/g ; s/%%TEMPLATE_STATE%%/${ORGSTATE}/g ; s/%%TEMPLATE_CITY%%/${ORGCITY}/g ; s/%%TEMPLATE_SSLADMIN%%/${SSLADMIN}/g" ${rootdir}/openssl.cnf
|
||||
sed -i -e "s/%%TEMPLATE_ORG%%/${ORGNAME}/g ; s/%%TEMPLATE_DOMAIN%%/${ORGSITE}/g ; s@%%TEMPLATE_ROOTDIR%%@${rootdir}@g ; s/%%TEMPLATE_COUNTRY%%/${ORGCNTRY}/g ; s/%%TEMPLATE_STATE%%/${ORGSTATE}/g ; s/%%TEMPLATE_CITY%%/${ORGCITY}/g ; s/%%TEMPLATE_SSLADMIN%%/${SSLADMIN}/g" ${rootdir}/openssl.cnf
|
||||
|
||||
NEWCA='yes'
|
||||
export NEWCA
|
||||
|
@ -22,6 +22,15 @@ then
|
||||
read RUCRAZY2
|
||||
else
|
||||
RUCRAZY2='YESIAMCRAZY'
|
||||
export rootdir
|
||||
export bindir
|
||||
export ORGNAME
|
||||
export ORGSITE
|
||||
export ORGCNTRY
|
||||
export ORGSTATE
|
||||
export ORGCITY
|
||||
export SSLADMIN
|
||||
export NEWCA
|
||||
fi
|
||||
|
||||
if [[ "${RUCRAZY2}" != 'YESIAMCRAZY' ]];
|
||||
@ -146,7 +155,7 @@ then
|
||||
export SSLADMIN
|
||||
fi
|
||||
|
||||
sed -i -e "s/%%TEMPLATE_ORG%%/${ORGNAME}/g ; s/%%TEMPLATE_DOMAIN%%/${ORGSITE}/g ; s/%%TEMPLATE_ROOTDIR%%/${rootdir}/g ; s/%%TEMPLATE_COUNTRY%%/${ORGCNTRY}/g ; s/%%TEMPLATE_STATE%%/${ORGSTATE}/g ; s/%%TEMPLATE_CITY%%/${ORGCITY}/g ; s/%%TEMPLATE_SSLADMIN%%/${SSLADMIN}/g" ${rootdir}/intermediate/openssl.cnf
|
||||
sed -i -e "s/%%TEMPLATE_ORG%%/${ORGNAME}/g ; s/%%TEMPLATE_DOMAIN%%/${ORGSITE}/g ; s@%%TEMPLATE_ROOTDIR%%@${rootdir}@g ; s/%%TEMPLATE_COUNTRY%%/${ORGCNTRY}/g ; s/%%TEMPLATE_STATE%%/${ORGSTATE}/g ; s/%%TEMPLATE_CITY%%/${ORGCITY}/g ; s/%%TEMPLATE_SSLADMIN%%/${SSLADMIN}/g" ${rootdir}/intermediate/openssl.cnf
|
||||
|
||||
sh ${bindir}/gen.intermediate.key.sh
|
||||
sh ${bindir}/gen.intermediate.csr.sh
|
||||
|
Reference in New Issue
Block a user