Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/env bash -ex
- SERVER_CN=localhost
- USERNAME=Admin
- WORKSPACE=/tmp/certs
- CA_DIR=${WORKSPACE}/authority
- SERVER_DIR=${WORKSPACE}/${SERVER_CN}
- USER_DIR=${WORKSPACE}/admin
- rm -rf ${WORKSPACE}
- # Cert Authority
- mkdir -p ${CA_DIR}
- openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout ${CA_DIR}/rootCA.key -out ${CA_DIR}/rootCA.crt -subj "/C=GB/O=Example/OU=Dev/CN=CA" -passin pass:password
- keytool -import -keystore ${CA_DIR}/truststore.jks -file ${CA_DIR}/rootCA.crt -alias rootCA -storepass password -noprompt
- # Server now
- mkdir -p ${SERVER_DIR}
- openssl req -out ${SERVER_DIR}/${SERVER_CN}.csr -newkey rsa:2048 -nodes -keyout ${SERVER_DIR}/${SERVER_CN}.key -subj "/C=GB/O=Example/OU=Dev/CN=${SERVER_CN}" -passin pass:password
- openssl x509 -req -days 360 -in ${SERVER_DIR}/${SERVER_CN}.csr -CA ${CA_DIR}/rootCA.crt -CAkey ${CA_DIR}/rootCA.key -CAcreateserial -out ${SERVER_DIR}/${SERVER_CN}.crt
- openssl pkcs12 -export -out ${SERVER_DIR}/${SERVER_CN}.p12 -inkey ${SERVER_DIR}/${SERVER_CN}.key -in ${SERVER_DIR}/${SERVER_CN}.crt -certfile ${CA_DIR}/rootCA.crt -passout pass:password
- # User
- mkdir -p ${USER_DIR}
- openssl req -out ${USER_DIR}/${USERNAME}.csr -newkey rsa:2048 -nodes -keyout ${USER_DIR}/${USERNAME}.key -subj "/C=GB/O=Example/OU=Dev/CN=${USERNAME}" -passin pass:password
- openssl x509 -req -days 360 -in ${USER_DIR}/${USERNAME}.csr -CA ${CA_DIR}/rootCA.crt -CAkey ${CA_DIR}/rootCA.key -CAcreateserial -out ${USER_DIR}/${USERNAME}.crt
- openssl pkcs12 -export -out ${USER_DIR}/${USERNAME}.p12 -inkey ${USER_DIR}/${USERNAME}.key -in ${USER_DIR}/${USERNAME}.crt -certfile ${CA_DIR}/rootCA.crt -passout pass:password
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement