Home Explore Help
Sign In
tobias.wach
/
CCats
mirror of https://git.rwth-aachen.de/tobias.wach/ccats
1
0
Fork 0
Files Issues 0 Wiki
Branch: master
Branches Tags
CCats
/
daemon
/
createsslfiles.sh

createsslfiles.sh 917 B
Permalink History Raw

1234567891011121314151617181920212223242526 
  1. #!/bin/bash
    2. 

  2. ROOTNAME=rootca
    3. 

  3. USERNAME=user
    4. 

  4. DIFFIENAME=dh2048
    5. 

  5. echo "Creating ROOTCA key"
    6. 

  6. openssl genrsa -out $ROOTNAME.key 2048
    7. 

  7. echo "Creating ROOTCA cert"
    8. 

  8. openssl req -x509 -new -nodes -key $ROOTNAME.key -days 20000 -out $ROOTNAME.crt
    9. 

  9. echo "Creating USER key"
    10. 

  10. openssl genrsa -out $USERNAME.key 2048
    11. 

  11. echo "Creating USER base cert"
    12. 

  12. openssl req -new -key $USERNAME.key -out $USERNAME.csr
    13. 

  13. echo "Signing USER base cert using ROOT key and cert"
    14. 

  14. openssl x509 -req -in $USERNAME.csr -CA $ROOTNAME.crt -CAkey $ROOTNAME.key -CAcreateserial -out $USERNAME.crt -days 20000
    15. 

  15. echo "Creating DIFFIE params. This might take a while"
    16. 

  16. openssl dhparam -out $DIFFIENAME.pem 2048
    17. 

  17. 

  18. # should OK
    19. 

  19. echo "This should OK"
    20. 

  20. openssl verify -CAfile $ROOTNAME.crt $ROOTNAME.crt
    21. 

  21. # should OK
    22. 

  22. echo "This should OK"
    23. 

  23. openssl verify -CAfile $ROOTNAME.crt $USERNAME.crt
    24. 

  24. # should FAIL
    25. 

  25. echo "This should FAIL"
    26. 

  26. openssl verify -CAfile $USERNAME.crt $USERNAME.crt
    27.