Last active
March 3, 2017 21:35
-
-
Save mokapyo/9791d141316fc45b0c40e7c36f2a6c25 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
### define parameter | |
CAname="piyoCA" | |
SelfSignedCert="CAcert.pem" | |
SelfSignedKey="CAkey.pem" | |
PassPhrase="piyoca" | |
### | |
# make CA dir | |
mkdir /etc/ssl/$CAname | |
mkdir -p /etc/ssl/$CAname/certs | |
mkdir -p /etc/ssl/$CAname/private | |
mkdir -p /etc/ssl/$CAname/crl | |
mkdir -p /etc/ssl/$CAname/newcerts | |
chmod 700 /etc/ssl/$CAname/private | |
# initialize serial & database | |
echo 01>/etc/ssl/$CAname/serial | |
touch /etc/ssl/$CAname/index.txt | |
# modify opennssl.conf | |
sed -i -e "/^dir/s/dir/#dir/" /etc/ssl/openssl.cnf | |
sed -i -e "/^#dir/a dir = /etc/ssl/$CAname" /etc/ssl/openssl.cnf | |
# make Self-signed certificate & private key | |
cd /etc/ssl/$CAname | |
expect -c " | |
set timeout 5 | |
spawn openssl req -new -x509 -newkey rsa:2048 -out $SelfSignedCert -keyout private/$SelfSignedKey -days 365 | |
expect \"PEM\" | |
send \"$PassPhrase\n\" | |
expect \"Verifying\" | |
send \"$PassPhrase\n\" | |
expect \"Country\" | |
send \"JP\n\" | |
expect \"State\" | |
send \"Kanagawa\n\" | |
expect \"Locality\" | |
send \"Fujisawa\n\" | |
expect \"company\" | |
send \"Shonandai\n\" | |
expect \"Unit\" | |
send \"poko\n\" | |
expect \"Common\" | |
send \"$CAname\n\" | |
expect \"Email\" | |
send \"a@a.com\n\" | |
expect \"$\" | |
exit 0 | |
" | |
# Show Result | |
openssl x509 -in /etc/ssl/$CAname/$SelfSignedCert -text |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment