make more clients

openssl.sh

@@ -6,51 +6,61 @@ set -u
 options="${1:-}"
 prefix="${2:-}"
 
+doserver=0
+doclient=0
+
 case "$options" in
-   server ) ;;
+   server ) doserver=1 ;;
-   client ) ;;
+   client ) doclient=1 ; cacrt="${3}"; cakey="${4}" ;;
-   all ) ;;
+   all ) doserver=1; doclient=1 ;;
-   * ) echo "USAGE: $0 [all|server|client] file_prefix"; exit 1 ;;
+   * ) echo "USAGE: $0 [all|server|client] file_prefix [server.crt server.key]"; exit 1 ;;
 esac
 
-cakey="$(mktemp)"
+###   CREATE SERVER STUFF  ###
-cacrt="$(mktemp)"
+if ((doserver)); then
+   cakey="$(mktemp)"
+   cacrt="$(mktemp)"
 
-echo 1
+   echo 1
-openssl genrsa -out $cakey 4096
+   openssl genrsa -out $cakey 4096
-echo 2
+   echo 2
-echo '
+   echo '
 
 
 
 
-localhost
+   localhost
 
-' | openssl req -nodes -new -x509 -days 365 -key $cakey -out $cacrt
+   ' | openssl req -nodes -new -x509 -days 365 -key $cakey -out $cacrt
+fi
 
-clientkey="$(mktemp)"
+if ((doclient)); then
-clientcsr="$(mktemp)"
+   clientkey="$(mktemp)"
-clientcrt="$(mktemp)"
+   clientcsr="$(mktemp)"
-echo 3
+   clientcrt="$(mktemp)"
-openssl genrsa -out $clientkey 4096
+   echo 3
-echo 4
+   openssl genrsa -out $clientkey 4096
-echo '
+   echo 4
+   echo '
 
 
 
 
-localhost
+   localhost
 
 
 
-' | openssl req -nodes -new -key $clientkey -out $clientcsr
+   ' | openssl req -nodes -new -key $clientkey -out $clientcsr
-# self-signed
+   # self-signed
-echo 5
+   echo 5
-openssl x509 -req -days 365 -in $clientcsr -CA $cacrt -CAkey $cakey -set_serial 01 -out $clientcrt
+   openssl x509 -req -days 365 -in $clientcsr -CA $cacrt -CAkey $cakey -set_serial 01 -out $clientcrt
-
+fi
-mv $cakey ./${prefix}server.key
-mv $cacrt ./${prefix}server.crt
-mv $clientkey ./${prefix}client.key
-mv $clientcsr ./${prefix}client.csr
-mv $clientcrt ./${prefix}client.crt
 
+if ((doserver)); then
+   mv $cakey ./${prefix}server.key
+   mv $cacrt ./${prefix}server.crt
+fi
+if ((doclient)); then
+   mv $clientkey ./${prefix}client.key
+   mv $clientcrt ./${prefix}client.crt
+fi