Scribd Logo
Upload

Welcome to Scribd!

  • pn sm 2323

    Uploaded by

    heads2202
    0 views1 page

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as txt, pdf, or txt
    0 views1 page

    pn sm 2323

    Uploaded by

    heads2202

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as txt, pdf, or txt
    of 1

    #!

    /bin/bash

    ## This script generates ca.key and self-signed ca.pem


    set -euo pipefail

    echo "Generating root CA"

    cd "$(dirname "$0")"

    CA_C="${TLS_DN_C:-SE}"
    CA_ST="${TLS_DN_ST:-Stockholm}"
    CA_L="${TLS_DN_L:-Stockholm}"
    CA_O="${TLS_DN_O:-MyOrgName}"
    CA_OU="${TLS_DN_OU:-MyRootCA}"
    CA_CN="MyRootCA"

    ensure_private_key() {
    file="$1"
    if [ ! -f "$file" ]; then
    case $ALG in
    rsa)
    openssl genrsa -out "$file" 2048
    ;;
    ec|ecc)
    openssl ecparam -name prime256v1 -genkey -noout -out "$file"
    ;;
    dsa)
    openssl gendsa -out "$file" <(openssl dsaparam 2048)
    ;;
    *)
    echo "Unknown algorithm: $ALG"
    exit 1
    ;;
    esac
    fi
    }

    ensure_private_key ca.key
    if [ ! -f ca.pem ]; then
    openssl req -sha256 -new -key "ca.key" -out "ca.csr" -nodes -subj
    "/C=${CA_C}/ST=${CA_ST}/L=${CA_L}/O=${CA_O}/OU=${CA_OU}/CN=${CA_CN}" -addext
    "basicConstraints=critical,CA:true"
    openssl x509 -req -in ca.csr -sha256 -signkey ca.key -out ca.pem -days 3650
    rm -f ca.csr
    fi

    You might also like