diff options
| author | marha <marha@users.sourceforge.net> | 2009-06-28 22:07:26 +0000 |
|---|---|---|
| committer | marha <marha@users.sourceforge.net> | 2009-06-28 22:07:26 +0000 |
| commit | 3562e78743202e43aec8727005182a2558117eca (patch) | |
| tree | 8f9113a77d12470c5c851a2a8e4cb02e89df7d43 /openssl/util/mkcerts.sh | |
| download | vcxsrv-3562e78743202e43aec8727005182a2558117eca.tar.gz vcxsrv-3562e78743202e43aec8727005182a2558117eca.tar.bz2 vcxsrv-3562e78743202e43aec8727005182a2558117eca.zip | |
Checked in the following released items:
xkeyboard-config-1.4.tar.gz
ttf-bitstream-vera-1.10.tar.gz
font-alias-1.0.1.tar.gz
font-sun-misc-1.0.0.tar.gz
font-sun-misc-1.0.0.tar.gz
font-sony-misc-1.0.0.tar.gz
font-schumacher-misc-1.0.0.tar.gz
font-mutt-misc-1.0.0.tar.gz
font-misc-misc-1.0.0.tar.gz
font-misc-meltho-1.0.0.tar.gz
font-micro-misc-1.0.0.tar.gz
font-jis-misc-1.0.0.tar.gz
font-isas-misc-1.0.0.tar.gz
font-dec-misc-1.0.0.tar.gz
font-daewoo-misc-1.0.0.tar.gz
font-cursor-misc-1.0.0.tar.gz
font-arabic-misc-1.0.0.tar.gz
font-winitzki-cyrillic-1.0.0.tar.gz
font-misc-cyrillic-1.0.0.tar.gz
font-cronyx-cyrillic-1.0.0.tar.gz
font-screen-cyrillic-1.0.1.tar.gz
font-xfree86-type1-1.0.1.tar.gz
font-adobe-utopia-type1-1.0.1.tar.gz
font-ibm-type1-1.0.0.tar.gz
font-bitstream-type1-1.0.0.tar.gz
font-bitstream-speedo-1.0.0.tar.gz
font-bh-ttf-1.0.0.tar.gz
font-bh-type1-1.0.0.tar.gz
font-bitstream-100dpi-1.0.0.tar.gz
font-bh-lucidatypewriter-100dpi-1.0.0.tar.gz
font-bh-100dpi-1.0.0.tar.gz
font-adobe-utopia-100dpi-1.0.1.tar.gz
font-adobe-100dpi-1.0.0.tar.gz
font-util-1.0.1.tar.gz
font-bitstream-75dpi-1.0.0.tar.gz
font-bh-lucidatypewriter-75dpi-1.0.0.tar.gz
font-adobe-utopia-75dpi-1.0.1.tar.gz
font-bh-75dpi-1.0.0.tar.gz
bdftopcf-1.0.1.tar.gz
font-adobe-75dpi-1.0.0.tar.gz
mkfontscale-1.0.6.tar.gz
openssl-0.9.8k.tar.gz
bigreqsproto-1.0.2.tar.gz
xtrans-1.2.2.tar.gz
resourceproto-1.0.2.tar.gz
inputproto-1.4.4.tar.gz
compositeproto-0.4.tar.gz
damageproto-1.1.0.tar.gz
zlib-1.2.3.tar.gz
xkbcomp-1.0.5.tar.gz
freetype-2.3.9.tar.gz
pthreads-w32-2-8-0-release.tar.gz
pixman-0.12.0.tar.gz
kbproto-1.0.3.tar.gz
evieext-1.0.2.tar.gz
fixesproto-4.0.tar.gz
recordproto-1.13.2.tar.gz
randrproto-1.2.2.tar.gz
scrnsaverproto-1.1.0.tar.gz
renderproto-0.9.3.tar.gz
xcmiscproto-1.1.2.tar.gz
fontsproto-2.0.2.tar.gz
xextproto-7.0.3.tar.gz
xproto-7.0.14.tar.gz
libXdmcp-1.0.2.tar.gz
libxkbfile-1.0.5.tar.gz
libfontenc-1.0.4.tar.gz
libXfont-1.3.4.tar.gz
libX11-1.1.5.tar.gz
libXau-1.0.4.tar.gz
libxcb-1.1.tar.gz
xorg-server-1.5.3.tar.gz
Diffstat (limited to 'openssl/util/mkcerts.sh')
| -rw-r--r-- | openssl/util/mkcerts.sh | 220 |
1 files changed, 220 insertions, 0 deletions
diff --git a/openssl/util/mkcerts.sh b/openssl/util/mkcerts.sh new file mode 100644 index 000000000..0184fcb70 --- /dev/null +++ b/openssl/util/mkcerts.sh @@ -0,0 +1,220 @@ +#!/bin/sh + +# This script will re-make all the required certs. +# cd apps +# sh ../util/mkcerts.sh +# mv ca-cert.pem pca-cert.pem ../certs +# cd .. +# cat certs/*.pem >>apps/server.pem +# cat certs/*.pem >>apps/server2.pem +# SSLEAY=`pwd`/apps/ssleay; export SSLEAY +# sh tools/c_rehash certs +# + +CAbits=1024 +SSLEAY="../apps/openssl" +CONF="-config ../apps/openssl.cnf" + +# create pca request. +echo creating $CAbits bit PCA cert request +$SSLEAY req $CONF \ + -new -md5 -newkey $CAbits \ + -keyout pca-key.pem \ + -out pca-req.pem -nodes >/dev/null <<EOF +AU +Queensland +. +CryptSoft Pty Ltd +. +Test PCA (1024 bit) + + + +EOF + +if [ $? != 0 ]; then + echo problems generating PCA request + exit 1 +fi + +#sign it. +echo +echo self signing PCA +$SSLEAY x509 -md5 -days 1461 \ + -req -signkey pca-key.pem \ + -CAcreateserial -CAserial pca-cert.srl \ + -in pca-req.pem -out pca-cert.pem + +if [ $? != 0 ]; then + echo problems self signing PCA cert + exit 1 +fi +echo + +# create ca request. +echo creating $CAbits bit CA cert request +$SSLEAY req $CONF \ + -new -md5 -newkey $CAbits \ + -keyout ca-key.pem \ + -out ca-req.pem -nodes >/dev/null <<EOF +AU +Queensland +. +CryptSoft Pty Ltd +. +Test CA (1024 bit) + + + +EOF + +if [ $? != 0 ]; then + echo problems generating CA request + exit 1 +fi + +#sign it. +echo +echo signing CA +$SSLEAY x509 -md5 -days 1461 \ + -req \ + -CAcreateserial -CAserial pca-cert.srl \ + -CA pca-cert.pem -CAkey pca-key.pem \ + -in ca-req.pem -out ca-cert.pem + +if [ $? != 0 ]; then + echo problems signing CA cert + exit 1 +fi +echo + +# create server request. +echo creating 512 bit server cert request +$SSLEAY req $CONF \ + -new -md5 -newkey 512 \ + -keyout s512-key.pem \ + -out s512-req.pem -nodes >/dev/null <<EOF +AU +Queensland +. +CryptSoft Pty Ltd +. +Server test cert (512 bit) + + + +EOF + +if [ $? != 0 ]; then + echo problems generating 512 bit server cert request + exit 1 +fi + +#sign it. +echo +echo signing 512 bit server cert +$SSLEAY x509 -md5 -days 365 \ + -req \ + -CAcreateserial -CAserial ca-cert.srl \ + -CA ca-cert.pem -CAkey ca-key.pem \ + -in s512-req.pem -out server.pem + +if [ $? != 0 ]; then + echo problems signing 512 bit server cert + exit 1 +fi +echo + +# create 1024 bit server request. +echo creating 1024 bit server cert request +$SSLEAY req $CONF \ + -new -md5 -newkey 1024 \ + -keyout s1024key.pem \ + -out s1024req.pem -nodes >/dev/null <<EOF +AU +Queensland +. +CryptSoft Pty Ltd +. +Server test cert (1024 bit) + + + +EOF + +if [ $? != 0 ]; then + echo problems generating 1024 bit server cert request + exit 1 +fi + +#sign it. +echo +echo signing 1024 bit server cert +$SSLEAY x509 -md5 -days 365 \ + -req \ + -CAcreateserial -CAserial ca-cert.srl \ + -CA ca-cert.pem -CAkey ca-key.pem \ + -in s1024req.pem -out server2.pem + +if [ $? != 0 ]; then + echo problems signing 1024 bit server cert + exit 1 +fi +echo + +# create 512 bit client request. +echo creating 512 bit client cert request +$SSLEAY req $CONF \ + -new -md5 -newkey 512 \ + -keyout c512-key.pem \ + -out c512-req.pem -nodes >/dev/null <<EOF +AU +Queensland +. +CryptSoft Pty Ltd +. +Client test cert (512 bit) + + + +EOF + +if [ $? != 0 ]; then + echo problems generating 512 bit client cert request + exit 1 +fi + +#sign it. +echo +echo signing 512 bit client cert +$SSLEAY x509 -md5 -days 365 \ + -req \ + -CAcreateserial -CAserial ca-cert.srl \ + -CA ca-cert.pem -CAkey ca-key.pem \ + -in c512-req.pem -out client.pem + +if [ $? != 0 ]; then + echo problems signing 512 bit client cert + exit 1 +fi + +echo cleanup + +cat pca-key.pem >> pca-cert.pem +cat ca-key.pem >> ca-cert.pem +cat s512-key.pem >> server.pem +cat s1024key.pem >> server2.pem +cat c512-key.pem >> client.pem + +for i in pca-cert.pem ca-cert.pem server.pem server2.pem client.pem +do +$SSLEAY x509 -issuer -subject -in $i -noout >$$ +cat $$ +/bin/cat $i >>$$ +/bin/mv $$ $i +done + +#/bin/rm -f *key.pem *req.pem *.srl + +echo Finished + |