Files
@ 76dda381db24
Branch filter:
Location: libtransport.git/msvc-deps/curl/tests/certs/scripts/genserv.sh - annotation
76dda381db24
3.2 KiB
application/x-sh
Use iterator in pqxx storage backend
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 | 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 8fbdd54451c0 | #!/bin/bash
# (c) CopyRight EdelWeb for EdelKey and OpenEvidence, 2000-2004, 2009
# Author: Peter Sylvester
# "libre" for integration with curl
OPENSSL=openssl
if [ -f /usr/local/ssl/bin/openssl ] ; then
OPENSSL=/usr/local/ssl/bin/openssl
fi
USAGE="echo Usage is genserv.sh <prefix> <caprefix>"
HOME=`pwd`
cd $HOME
KEYSIZE=1024
DURATION=3000
REQ=YES
P12=NO
DHP=NO
PREFIX=$1
if [ ".$PREFIX" = . ] ; then
echo No configuration prefix
NOTOK=1
else
if [ ! -f $PREFIX-sv.prm ] ; then
echo No configuration file $PREFIX-sv.prm
NOTOK=1
fi
fi
CAPREFIX=$2
if [ ".$CAPREFIX" = . ] ; then
echo No CA prefix
NOTOK=1
else
if [ ! -f $CAPREFIX-ca.cacert ] ; then
echo No CA certficate file $CAPREFIX-ca.caert
NOTOK=1
fi
if [ ! -f $CAPREFIX-ca.key ] ; then
echo No $CAPREFIX key
NOTOK=1
fi
fi
if [ ".$NOTOK" != . ] ; then
echo "Sorry, I can't do that for you."
$USAGE
exit
fi
if [ ".$SERIAL" = . ] ; then
GETSERIAL="\$t = time ;\$d = \$t . substr(\$t+$$ ,-4,4)-1;print \$d"
SERIAL=`/usr/bin/env perl -e "$GETSERIAL"`
fi
echo SERIAL=$SERIAL PREFIX=$PREFIX CAPREFIX=$CAPREFIX DURATION=$DURATION KEYSIZE=$KEYSIZE
if [ "$DHP." = YES. ] ; then
echo "openssl dhparam -2 -out $PREFIX-sv.dhp $KEYSIZE"
$OPENSSL dhparam -2 -out $PREFIX-sv.dhp $KEYSIZE
fi
if [ "$REQ." = YES. ] ; then
echo "openssl req -config $PREFIX-sv.prm -newkey rsa:$KEYSIZE -keyout $PREFIX-sv.key -out $PREFIX-sv.csr -passout XXX"
$OPENSSL req -config $PREFIX-sv.prm -newkey rsa:$KEYSIZE -keyout $PREFIX-sv.key -out $PREFIX-sv.csr -passout pass:secret
fi
echo "openssl rsa -in $PREFIX-sv.key -out $PREFIX-sv.key"
$OPENSSL rsa -in $PREFIX-sv.key -out $PREFIX-sv.key -passin pass:secret
echo pseudo secrets generated
echo "openssl x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -out $PREFIX-sv.crt -text -nameopt multiline -sha1"
$OPENSSL x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -out $PREFIX-sv.crt -text -nameopt multiline -sha1
if [ "$P12." = YES. ] ; then
echo "$OPENSSL pkcs12 -export -des3 -out $PREFIX-sv.p12 -caname $CAPREFIX -name $PREFIX -inkey $PREFIX-sv.key -in $PREFIX-sv.crt -certfile $CAPREFIX-ca.crt "
$OPENSSL pkcs12 -export -des3 -out $PREFIX-sv.p12 -caname $CAPREFIX -name $PREFIX -inkey $PREFIX-sv.key -in $PREFIX-sv.crt -certfile $CAPREFIX-ca.crt
fi
echo "openssl x509 -noout -text -hash -in $PREFIX-sv.selfcert -nameopt multiline"
$OPENSSL x509 -noout -text -hash -in $PREFIX-sv.crt -nameopt multiline
# revoke server cert
touch $CAPREFIX-ca.db
echo 01 > $CAPREFIX-ca.cnt
echo "openssl ca -config $CAPREFIX-ca.cnf -revoke $PREFIX-sv.crt"
$OPENSSL ca -config $CAPREFIX-ca.cnf -revoke $PREFIX-sv.crt
# issue CRL
echo "openssl ca -config $CAPREFIX-ca.cnf -gencrl -out $PREFIX-sv.crl"
$OPENSSL ca -config $CAPREFIX-ca.cnf -gencrl -out $PREFIX-sv.crl
echo "openssl x509 -in $PREFIX-sv.crt -outform der -out $PREFIX-sv.der "
$OPENSSL x509 -in $PREFIX-sv.crt -outform der -out $PREFIX-sv.der
# all together now
touch $PREFIX-sv.dhp
cat $PREFIX-sv.prm $PREFIX-sv.key $PREFIX-sv.crt $PREFIX-sv.dhp >$PREFIX-sv.pem
chmod o-r $PREFIX-sv.prm
echo "$PREFIX-sv.pem done"
|