Professional Documents
Culture Documents
pn sm 2323
pn sm 2323
/bin/bash
cd "$(dirname "$0")"
CA_C="${TLS_DN_C:-SE}"
CA_ST="${TLS_DN_ST:-Stockholm}"
CA_L="${TLS_DN_L:-Stockholm}"
CA_O="${TLS_DN_O:-MyOrgName}"
CA_OU="${TLS_DN_OU:-MyRootCA}"
CA_CN="MyRootCA"
ensure_private_key() {
file="$1"
if [ ! -f "$file" ]; then
case $ALG in
rsa)
openssl genrsa -out "$file" 2048
;;
ec|ecc)
openssl ecparam -name prime256v1 -genkey -noout -out "$file"
;;
dsa)
openssl gendsa -out "$file" <(openssl dsaparam 2048)
;;
*)
echo "Unknown algorithm: $ALG"
exit 1
;;
esac
fi
}
ensure_private_key ca.key
if [ ! -f ca.pem ]; then
openssl req -sha256 -new -key "ca.key" -out "ca.csr" -nodes -subj
"/C=${CA_C}/ST=${CA_ST}/L=${CA_L}/O=${CA_O}/OU=${CA_OU}/CN=${CA_CN}" -addext
"basicConstraints=critical,CA:true"
openssl x509 -req -in ca.csr -sha256 -signkey ca.key -out ca.pem -days 3650
rm -f ca.csr
fi