rm file

2016-10-31 15:23:59 +08:00 · 2016-10-31 15:23:59 +08:00 · 830326178b
parent 51944e1512
commit 830326178b
2 changed files with 0 additions and 78 deletions
--- a/etc/certs/make_certs
+++ b/etc/certs/make_certs
@ -1,24 +0,0 @@
 #!/bin/sh
 rm -rf temp
 mkdir temp
 echo 01 > temp/serial
 touch temp/index.txt
 ## create ca certificate
 openssl req -x509 -config openssl.cnf -newkey rsa:2048 -days 365  -out cacert.pem -outform PEM -subj /CN=MyTestCA/ -nodes
 openssl x509 -in cacert.pem -out temp/cacert.cer -outform DER
 ## create server certificate
 openssl genrsa -out server-key.pem 2048
 openssl req -new -key server-key.pem -out temp/server-req.pem -outform PEM -subj /CN=$(hostname)/O=server/ -nodes
 openssl ca -config openssl.cnf -in temp/server-req.pem -out server-cert.pem -notext -batch -extensions server_ca_extensions
 ## create client certificate
 openssl genrsa -out client-key.pem 2048
 openssl req -new -key client-key.pem -out temp/client-req.pem -outform PEM -subj /CN=$(hostname)/O=client/ -nodes
 openssl ca -config openssl.cnf -in temp/client-req.pem -out client-cert.pem -notext -batch -extensions client_ca_extensions
 rm -rf temp
--- a/etc/certs/openssl.cnf
+++ b/etc/certs/openssl.cnf
@ -1,54 +0,0 @@
 [ ca ]
 default_ca = testca
 [ testca ]
 dir = .
 certificate = $dir/cacert.pem
 database = $dir/temp/index.txt
 new_certs_dir = $dir/temp
 private_key = $dir/temp/cakey.pem
 serial = $dir/temp/serial
 default_crl_days = 7
 default_days = 365
 default_md = sha256
 policy = testca_policy
 x509_extensions = certificate_extensions
 [ testca_policy ]
 commonName = supplied
 stateOrProvinceName = optional
 countryName = optional
 emailAddress = optional
 organizationName = optional
 organizationalUnitName = optional
 domainComponent = optional
 [ certificate_extensions ]
 basicConstraints = CA:false
 [ req ]
 default_bits = 2048
 default_keyfile = ./temp/cakey.pem
 default_md = sha256
 prompt = yes
 distinguished_name = root_ca_distinguished_name
 x509_extensions = root_ca_extensions
 [ root_ca_distinguished_name ]
 commonName = hostname
 [ root_ca_extensions ]
 basicConstraints = CA:true
 keyUsage = keyCertSign, cRLSign
 [ client_ca_extensions ]
 basicConstraints = CA:false
 keyUsage = digitalSignature
 extendedKeyUsage = 1.3.6.1.5.5.7.3.2
 [ server_ca_extensions ]
 basicConstraints = CA:false
 keyUsage = keyEncipherment
 extendedKeyUsage = 1.3.6.1.5.5.7.3.1