57 lines
865 B
Bash
57 lines
865 B
Bash
#! /bin/bash
|
|
|
|
set -e
|
|
set -u
|
|
|
|
options="${1:-}"
|
|
prefix="${2:-}"
|
|
|
|
case "$options" in
|
|
server ) ;;
|
|
client ) ;;
|
|
all ) ;;
|
|
* ) echo "USAGE: $0 [all|server|client] file_prefix"; exit 1 ;;
|
|
esac
|
|
|
|
cakey="$(mktemp)"
|
|
cacrt="$(mktemp)"
|
|
|
|
echo 1
|
|
openssl genrsa -out $cakey 4096
|
|
echo 2
|
|
echo '
|
|
|
|
|
|
|
|
|
|
localhost
|
|
|
|
' | openssl req -nodes -new -x509 -days 365 -key $cakey -out $cacrt
|
|
|
|
clientkey="$(mktemp)"
|
|
clientcsr="$(mktemp)"
|
|
clientcrt="$(mktemp)"
|
|
echo 3
|
|
openssl genrsa -out $clientkey 4096
|
|
echo 4
|
|
echo '
|
|
|
|
|
|
|
|
|
|
localhost
|
|
|
|
|
|
|
|
' | openssl req -nodes -new -key $clientkey -out $clientcsr
|
|
# self-signed
|
|
echo 5
|
|
openssl x509 -req -days 365 -in $clientcsr -CA $cacrt -CAkey $cakey -set_serial 01 -out $clientcrt
|
|
|
|
mv $cakey ./${prefix}server.key
|
|
mv $cacrt ./${prefix}server.crt
|
|
mv $clientkey ./${prefix}client.key
|
|
mv $clientcsr ./${prefix}client.csr
|
|
mv $clientcrt ./${prefix}client.crt
|
|
|