Last active
October 17, 2015 10:43
-
-
Save norbekaiser/a13494b0a7edf499c703 to your computer and use it in GitHub Desktop.
stuff for ssl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # usage: generate_ca.sh rootca | |
| # requires rootca.key | |
| # Generates rootca.pem | |
| if [ -z "$1" ]; then | |
| echo "please specify key filename"; | |
| exit 1 | |
| fi | |
| openssl req -x509 -new -nodes -key $1.key -days 1024 -out $1.pem |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # usage generate_crt.sh myCA testdomain | |
| # Generates a $2.csr .key und .crt | |
| if [ -z "$1" ]; then | |
| echo "please specify key filename"; | |
| exit 1 | |
| fi | |
| if [ -z "$2" ]; then | |
| echo "please specify device name"; | |
| exit 1 | |
| fi | |
| openssl genrsa -out $2.key 4096 | |
| openssl req -new -key $2.key -out $2.csr | |
| openssl x509 -req -in $2.csr -CA $1.pem -CAkey $1.key -CAcreateserial -out $2.crt -days 444 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # usage: generate_key.sh rootca | |
| # Generates a key file rootca.key | |
| if [ -z "$1" ]; | |
| then echo "please specify something like testseite.norbert-ruehl.de"; | |
| exit 1 | |
| fi | |
| openssl genrsa -des3 -out $1.key 4096 | |
| chmod 600 $1.key |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # usage: moveto_sys.sh myca | |
| # moves the file to ca-certificates | |
| if [ -z "$1" ]; | |
| then echo "please specify something like norebca"; | |
| exit 1 | |
| fi | |
| sudo cp $1.pem /usr/local/share/ca-certificates/$1.crt | |
| sudo update-ca-certificates |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| You are about to be asked to enter information that will be incorporated | |
| into your certificate request. | |
| What you are about to enter is what is called a Distinguished Name or a DN. | |
| There are quite a few fields but you can leave some blank | |
| For some fields there will be a default value, | |
| If you enter '.', the field will be left blank. | |
| ----- | |
| Country Name (2 letter code) [AU]:DE | |
| State or Province Name (full name) [Some-State]:Auenland | |
| Locality Name (eg, city) []:Mordor | |
| Organization Name (eg, company) [Internet Widgits Pty Ltd]:norbcode | |
| Organizational Unit Name (eg, section) []:norbeca | |
| Common Name (e.g. server FQDN or YOUR name) []:norbedomain.norb | |
| Email Address []: | |
| Please enter the following 'extra' attributes | |
| to be sent with your certificate request | |
| A challenge password []: | |
| An optional company name []: | |
| Signature ok | |
| subject=/C=DE/ST=Auenland/L=Mordor/O=norbcode/OU=norbeca/CN=norbedomain.norb | |
| Getting CA Private Key | |
| Enter pass phrase for norbeca.key: |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment