API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jul 26th, 2016
39
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.91 KB | None | 0 0
raw download clone embed print report
  1. cat << EOF > openssl.conf
  2. [ req ]
  3. req_extensions = v3_req
  4. distinguished_name = req_distinguished_name
  5. hash = sha256
  6. prompt = no
  7.  
  8. [ req_distinguished_name ]
  9. countryName = FR
  10. localityName = Paris
  11. commonName = ca.openvpn.com
  12.  
  13. [ v3_req ]
  14. basicConstraints = CA:TRUE
  15. EOF
  16.  
  17. cat << EOF > openssl.conf
  18. [ req ]
  19. req_extensions = v3_req
  20. distinguished_name = req_distinguished_name
  21. hash = sha256
  22. prompt = no
  23.  
  24. [ req_distinguished_name ]
  25. countryName = FR
  26. localityName = Paris
  27. commonName = ca.openvpn.com
  28.  
  29. [ v3_req ]
  30. basicConstraints = CA:TRUE
  31. EOF
  32.  
  33. cat << EOF > openssl_client.conf
  34. [ req ]
  35. req_extensions = v3_req
  36. distinguished_name = req_distinguished_name
  37. hash = sha256
  38. prompt = no
  39.  
  40. [ req_distinguished_name ]
  41. countryName = FR
  42. localityName = Paris
  43. commonName = client.openvpn.com
  44.  
  45. [ v3_req ]
  46. basicConstraints = CA:FALSE
  47. EOF
  48.  
  49. cat << EOF > openssl_client.conf
  50. [ req ]
  51. req_extensions = v3_req
  52. distinguished_name = req_distinguished_name
  53. hash = sha256
  54. prompt = no
  55.  
  56. [ req_distinguished_name ]
  57. countryName = FR
  58. localityName = Paris
  59. commonName = client.openvpn.com
  60.  
  61. [ v3_req ]
  62. basicConstraints = CA:FALSE
  63. EOF
  64.  
  65. cat << EOF > openssl_server.conf
  66. [ req ]
  67. req_extensions = v3_req
  68. distinguished_name = req_distinguished_name
  69. hash = sha256
  70. prompt = no
  71.  
  72. [ req_distinguished_name ]
  73. countryName = FR
  74. localityName = Paris
  75. commonName = server.openvpn.com
  76.  
  77. [ v3_req ]
  78. basicConstraints = CA:FALSE
  79. EOF
  80.  
  81.  
  82. #DH
  83. openssl dhparam -out dh.pem 2048
  84.  
  85. #CA
  86. openssl req -config openssl.conf -x509 -nodes -days 365 -newkey rsa:4096 -keyout ca.key -out ca.crt
  87.  
  88. #Server
  89. openssl req -config openssl_server.conf -nodes -new -newkey rsa:4096 -out server.csr -keyout server.key
  90. openssl x509 -req -in server.csr -out server.crt -CA ca.crt -CAkey ca.key -CAcreateserial -CAserial ca.srl
  91.  
  92. #Client
  93. openssl req -config openssl_client.conf -nodes -new -newkey rsa:4096 -out client.csr -keyout client.key
  94. openssl x509 -req -in client.csr -out client.crt -CA ca.crt -CAkey ca.key
  95.  
  96.  
  97. openssl x509 -in client.crt -text
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!