rafaelfoster/makeauthority.sh

## makeauthority.sh
# Run this once
openssl genrsa -des3 -out ca.key 4096
openssl req -new -x509 -days 365 -key ca.key -out ca.crt

## makecert.sh
# Run this for each email account.  The system must install the CA cert and the resulting p12 file in order to be happy.

# Borrowed from http://serverfault.com/questions/103263/can-i-create-my-own-s-mime-certificate-for-email-encryption

openssl genrsa -des3 -out smime.key 4096
openssl req -new -key smime.key -out smime.csr
openssl x509 -req -days 365 -in smime.csr -CA ca.crt -CAkey ca.key -set_serial 1 -out smime.crt -setalias "Self Signed SMIME" -addtrust emailProtection -addreject clientAuth -addreject serverAuth -trustout
openssl pkcs12 -export -in smime.crt -inkey smime.key -out smime.p12
	# Run this once
	openssl genrsa -des3 -out ca.key 4096
	openssl req -new -x509 -days 365 -key ca.key -out ca.crt
	# Run this for each email account. The system must install the CA cert and the resulting p12 file in order to be happy.

	# Borrowed from http://serverfault.com/questions/103263/can-i-create-my-own-s-mime-certificate-for-email-encryption

	openssl genrsa -des3 -out smime.key 4096
	openssl req -new -key smime.key -out smime.csr
	openssl x509 -req -days 365 -in smime.csr -CA ca.crt -CAkey ca.key -set_serial 1 -out smime.crt -setalias "Self Signed SMIME" -addtrust emailProtection -addreject clientAuth -addreject serverAuth -trustout
	openssl pkcs12 -export -in smime.crt -inkey smime.key -out smime.p12