CA mk cert server
./scripts/mk_cert_server
#!/bin/sh # # $Id: mk_cert_server,v 1.1 2008/06/26 20:35:28 root Exp root $ # # $Log: mk_cert_server,v $ # Revision 1.1 2008/06/26 20:35:28 root # Initial revision # absolute_dir () { pushd $1 >/dev/null pwd popd >/dev/null } dir=`dirname $0` dir=`absolute_dir $dir/..` pushd $dir echo "" echo -n "Server-Cert Name: " read cert [ -z "$cert" ] && popd && exit 1 if [ -e private/${cert}Key.pem ]; then echo "Error: private/${cert}Key.pem exists!" ls -l */${cert}* exit 1 fi echo "--------" echo "${cert}Key.pem & ${cert}Req.pem ..." echo "" openssl req -config openssl.cnf \ -newkey rsa:1024 \ -keyout ${cert}Key.pem -keyform PEM \ -out ${cert}Req.pem -outform PEM echo "" echo -n "Passwort aus ${cert}Key.pem entfernen [y] ? " read a if [ -z "$a" -o "$a" == "y" -o "$a" == "Y" ]; then openssl rsa < ${cert}Key.pem \ > ${cert}-Key.pem chmod go-rwx ${cert}-Key.pem ${cert}Key.pem cp ${cert}-Key.pem private mv ${cert}-Key.pem ServerCA/private fi cp ${cert}Key.pem private mv ${cert}Key.pem ServerCA/private echo "====================" echo "${cert}Cert.pem ..." echo "====================" openssl ca -config openssl.cnf \ -name Server_CA \ -in ${cert}Req.pem \ -out ${cert}Cert.pem chmod go-rwx ${cert}Cert.pem cp ${cert}Cert.pem certs mv ${cert}Cert.pem ServerCA/certs mv ${cert}Req.pem ServerCA/private echo "----------------------------------------------" echo "" ls -l certs private echo "" popd