Quick and dirty scripts for maintaining a certificate authority/client certificates/server certificates with openssl.

To start with, you should run

    head -n 15 configure.sh > local.cfg

edit local.cfg to your liking, run ./genca.sh, then do one of

* generate a signed key and cert with ./gensignedcert certname
* sign an existing CSR with ./signcsr csrfile
  * ./signcsr will execute, if available, ./post-sign with the DER path as an argument

A CGI for getting browsers to generate keys and send CSRs in SPKAC form is available as

    contrib/keygen.rb

Updates are available from

<git://piny.be/cash>

Author is available at

    jrayhawk+cash@omgwallhack.org