summaryrefslogtreecommitdiff
path: root/genca.sh
blob: dc3e3021427b1883cf25428f162d1e3af2785617 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
#!/bin/sh
# ./genca.sh (configfile)
set -e

SUPPLEMENTARY_CONFIG="$1"

. ./configure.sh

if [ -e "$CA"/ca/"$CA".key ]; then
  echo "$CA/ca/$CA.key already exists!"
  exit 2
fi

# Certificate Authority
mkdir -pv "$CA"/ca "$CA"/certs "$CA"/signed
echo 1000 > "$CA"/ca/"$CA".serial
touch "$CA"/ca/"$CA".idx
openssl req -config "$OPENSSL_CONFIG" -new -x509 -days "$EXPIRE" -extensions v3_ca -keyout "$CA"/ca/"$CA".key -out "$CA"/ca/"$CA".crt
chmod 600 "$CA"/ca/"$CA".key
echo Generating revocation list...
openssl ca -config "$OPENSSL_CONFIG" -gencrl -out "$CA"/ca/"$CA".crl