For educational reasons I've decided to create my own CA. Here is what I learned.
Lets get some context first.
import org.bouncycastle.asn1.ASN1Encodable; | |
import org.bouncycastle.asn1.DERSequence; | |
import org.bouncycastle.asn1.x500.X500Name; | |
import org.bouncycastle.asn1.x509.BasicConstraints; | |
import org.bouncycastle.asn1.x509.Extension; | |
import org.bouncycastle.asn1.x509.GeneralName; | |
import org.bouncycastle.asn1.x509.KeyUsage; | |
import org.bouncycastle.cert.X509CertificateHolder; | |
import org.bouncycastle.cert.X509v3CertificateBuilder; | |
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter; |
#!/bin/sh | |
DIR="tmp_"$$ | |
JAR=`echo $1 | tr '.' ' ' | awk '{ print $1 }'` | |
rm -rf $JAR.jar | |
mkdir $DIR | |
cp $1 $DIR | |
cd $DIR | |
echo "** Compiling java file..." | |
javac -d . -g $1 | |
echo "** Creating temporary jar..." |
man() { | |
env \ | |
LESS_TERMCAP_mb=$(printf "\e[1;31m") \ | |
LESS_TERMCAP_md=$(printf "\e[1;31m") \ | |
LESS_TERMCAP_me=$(printf "\e[0m") \ | |
LESS_TERMCAP_se=$(printf "\e[0m") \ | |
LESS_TERMCAP_so=$(printf "\e[1;44;33m") \ | |
LESS_TERMCAP_ue=$(printf "\e[0m") \ | |
LESS_TERMCAP_us=$(printf "\e[1;32m") \ | |
man "$@" |
#!/bin/sh | |
## | |
## Usage: ./ovpn-writer.sh SERVER CA_CERT CLIENT_CERT CLIENT_KEY SHARED_SECRET > client.ovpn | |
## | |
server=${1?"The server address is required"} | |
cacert=${2?"The path to the ca certificate file is required"} | |
client_cert=${3?"The path to the client certificate file is required"} | |
client_key=${4?"The path to the client private key file is required"} |
[base-source] | |
name=CentOS-$full_releasever - Base source | |
baseurl=http://vault.centos.org/$full_releasever/os/Source/ | |
gpgcheck=1 | |
gpgkey=http://vault.centos.org//RPM-GPG-KEY-CentOS-6 | |
priority=1 | |
enabled=1 | |
[updates-source] |