Sync usage with man page.
[netbsd-mini2440.git] / crypto / external / bsd / openssl / dist / util / mkcerts.sh
blob0184fcb70ece51119842f1c43ec1a9b2671f6f81
1 #!/bin/sh
3 # This script will re-make all the required certs.
4 # cd apps
5 # sh ../util/mkcerts.sh
6 # mv ca-cert.pem pca-cert.pem ../certs
7 # cd ..
8 # cat certs/*.pem >>apps/server.pem
9 # cat certs/*.pem >>apps/server2.pem
10 # SSLEAY=`pwd`/apps/ssleay; export SSLEAY
11 # sh tools/c_rehash certs
14 CAbits=1024
15 SSLEAY="../apps/openssl"
16 CONF="-config ../apps/openssl.cnf"
18 # create pca request.
19 echo creating $CAbits bit PCA cert request
20 $SSLEAY req $CONF \
21 -new -md5 -newkey $CAbits \
22 -keyout pca-key.pem \
23 -out pca-req.pem -nodes >/dev/null <<EOF
25 Queensland
27 CryptSoft Pty Ltd
29 Test PCA (1024 bit)
33 EOF
35 if [ $? != 0 ]; then
36 echo problems generating PCA request
37 exit 1
40 #sign it.
41 echo
42 echo self signing PCA
43 $SSLEAY x509 -md5 -days 1461 \
44 -req -signkey pca-key.pem \
45 -CAcreateserial -CAserial pca-cert.srl \
46 -in pca-req.pem -out pca-cert.pem
48 if [ $? != 0 ]; then
49 echo problems self signing PCA cert
50 exit 1
52 echo
54 # create ca request.
55 echo creating $CAbits bit CA cert request
56 $SSLEAY req $CONF \
57 -new -md5 -newkey $CAbits \
58 -keyout ca-key.pem \
59 -out ca-req.pem -nodes >/dev/null <<EOF
61 Queensland
63 CryptSoft Pty Ltd
65 Test CA (1024 bit)
69 EOF
71 if [ $? != 0 ]; then
72 echo problems generating CA request
73 exit 1
76 #sign it.
77 echo
78 echo signing CA
79 $SSLEAY x509 -md5 -days 1461 \
80 -req \
81 -CAcreateserial -CAserial pca-cert.srl \
82 -CA pca-cert.pem -CAkey pca-key.pem \
83 -in ca-req.pem -out ca-cert.pem
85 if [ $? != 0 ]; then
86 echo problems signing CA cert
87 exit 1
89 echo
91 # create server request.
92 echo creating 512 bit server cert request
93 $SSLEAY req $CONF \
94 -new -md5 -newkey 512 \
95 -keyout s512-key.pem \
96 -out s512-req.pem -nodes >/dev/null <<EOF
98 Queensland
100 CryptSoft Pty Ltd
102 Server test cert (512 bit)
108 if [ $? != 0 ]; then
109 echo problems generating 512 bit server cert request
110 exit 1
113 #sign it.
114 echo
115 echo signing 512 bit server cert
116 $SSLEAY x509 -md5 -days 365 \
117 -req \
118 -CAcreateserial -CAserial ca-cert.srl \
119 -CA ca-cert.pem -CAkey ca-key.pem \
120 -in s512-req.pem -out server.pem
122 if [ $? != 0 ]; then
123 echo problems signing 512 bit server cert
124 exit 1
126 echo
128 # create 1024 bit server request.
129 echo creating 1024 bit server cert request
130 $SSLEAY req $CONF \
131 -new -md5 -newkey 1024 \
132 -keyout s1024key.pem \
133 -out s1024req.pem -nodes >/dev/null <<EOF
135 Queensland
137 CryptSoft Pty Ltd
139 Server test cert (1024 bit)
145 if [ $? != 0 ]; then
146 echo problems generating 1024 bit server cert request
147 exit 1
150 #sign it.
151 echo
152 echo signing 1024 bit server cert
153 $SSLEAY x509 -md5 -days 365 \
154 -req \
155 -CAcreateserial -CAserial ca-cert.srl \
156 -CA ca-cert.pem -CAkey ca-key.pem \
157 -in s1024req.pem -out server2.pem
159 if [ $? != 0 ]; then
160 echo problems signing 1024 bit server cert
161 exit 1
163 echo
165 # create 512 bit client request.
166 echo creating 512 bit client cert request
167 $SSLEAY req $CONF \
168 -new -md5 -newkey 512 \
169 -keyout c512-key.pem \
170 -out c512-req.pem -nodes >/dev/null <<EOF
172 Queensland
174 CryptSoft Pty Ltd
176 Client test cert (512 bit)
182 if [ $? != 0 ]; then
183 echo problems generating 512 bit client cert request
184 exit 1
187 #sign it.
188 echo
189 echo signing 512 bit client cert
190 $SSLEAY x509 -md5 -days 365 \
191 -req \
192 -CAcreateserial -CAserial ca-cert.srl \
193 -CA ca-cert.pem -CAkey ca-key.pem \
194 -in c512-req.pem -out client.pem
196 if [ $? != 0 ]; then
197 echo problems signing 512 bit client cert
198 exit 1
201 echo cleanup
203 cat pca-key.pem >> pca-cert.pem
204 cat ca-key.pem >> ca-cert.pem
205 cat s512-key.pem >> server.pem
206 cat s1024key.pem >> server2.pem
207 cat c512-key.pem >> client.pem
209 for i in pca-cert.pem ca-cert.pem server.pem server2.pem client.pem
211 $SSLEAY x509 -issuer -subject -in $i -noout >$$
212 cat $$
213 /bin/cat $i >>$$
214 /bin/mv $$ $i
215 done
217 #/bin/rm -f *key.pem *req.pem *.srl
219 echo Finished