initial commit
commit
5e5aff990d
16 changed files with 1737 additions and 0 deletions
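--- a/.ssl/gen-ca.sh
+++ b/.ssl/gen-ca.sh
@@ -0,0 +1,42 @@
+#!/usr/bin/env sh
+set -euo pipefail
+
+CA_DIR="${CA_DIR:-$(dirname $0)/ca}"
+CA_KEY="${CA_DIR}/ca.key"
+CA_CERT="${CA_DIR}/ca.pem"
+
+CA_SUBJECT="${CA_SUBJECT:-/C=UZ/O=Local CA/CN=Local Root CA}"
+CA_DAYS="${CA_DAYS:-3650}"
+CA_KEY_BITS="${CA_KEY_BITS:-4096}"
+
+mkdir -p "${CA_DIR}"
+chmod 700 "${CA_DIR}"
+
+if [[ -f "${CA_KEY}" || -f "${CA_CERT}" ]]; then
+echo "CA already exists:"
+echo " ${CA_KEY}"
+echo " ${CA_CERT}"
+echo "Nothing to do."
+exit 0
+fi
+
+openssl genrsa -out "${CA_KEY}" "${CA_KEY_BITS}"
+chmod 600 "${CA_KEY}"
+
+openssl req \
+-x509 \
+-new \
+-nodes \
+-key "${CA_KEY}" \
+-sha256 \
+-days "${CA_DAYS}" \
+-subj "${CA_SUBJECT}" \
+-out "${CA_CERT}"
+
+chmod 644 "${CA_CERT}"
+
+echo "CA created:"
+echo " key: ${CA_KEY}"
+echo " cert: ${CA_CERT}"
+
+openssl x509 -in "${CA_CERT}" -noout -subject -issuer -dates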
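Review bot: The shebang is `#!/usr/bin/env sh`, but the script relies on `set -o pipefail` and `[[ … ]]`, which a POSIX `sh` need not provide. Depending on the shell it either aborts at the `set` line or, where only `[[` is missing, treats the failed test as false, so the "CA already exists" guard is skipped and `openssl genrsa` overwrites the existing root key. Change the shebang to `#!/usr/bin/env bash`, or keep `sh` and use `set -eu` with `if [ -f "${CA_KEY}" ] || [ -f "${CA_CERT}" ]; then`. The key file is created before `chmod 600` runs, so put `umask 077` ahead of `openssl genrsa` instead of relying on the directory mode alone, and quote the path as `$(dirname "$0")`. `openssl genrsa` is called without a cipher option, so the root key sits unencrypted on disk for the default 3650-day lifetime; a header comment stating that this is meant for a local development CA would make that trade-off explicit.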