Created
November 10, 2024 16:16
-
-
Save florianrein/0e25962f0d56ba1702ac89c76a17073e to your computer and use it in GitHub Desktop.
Create Test Cert Chain & JKS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
function generate_jks_with_cert_and_key() { | |
local incert=$1 | |
local inkey=$2 | |
local jkspw=$3 | |
openssl pkcs12 -export -in $incert -inkey $inkey -out temp.p12 -name personalcreds -password pass:sometemporarypw | |
keytool -importkeystore -deststorepass $jkspw -destkeystore somename.jks -srckeystore temp.p12 -srcstoretype PKCS12 -srcstorepass sometemporarypw -alias personalcreds | |
rm -f temp.p12 | |
} | |
function create_test_certificate_chain() { | |
# Step 1: Generate Root CA key and self-signed certificate | |
openssl genrsa -out rootCA.key 4096 | |
openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 -out rootCA.pem \ | |
-subj "/C=US/ST=State/L=City/O=MyCompany/OU=Org/CN=RootCA" | |
# Step 2: Generate End-User key and CSR | |
openssl genrsa -out endUser.key 4096 | |
openssl req -new -key endUser.key -out endUser.csr \ | |
-subj "/C=US/ST=State/L=City/O=MyCompany/OU=Org/CN=EndUser" | |
# Step 3: Sign the End-User CSR with the Root CA to create the end-user certificate | |
openssl x509 -req -in endUser.csr -CA rootCA.pem -CAkey rootCA.key \ | |
-CAcreateserial -out endUser.crt -days 500 -sha256 | |
} | |
create_test_certificate_chain | |
generate_jks_with_cert_and_key endUser.crt endUser.key pl3as3ChangeMe |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment