rm file

2016-10-31 15:23:59 +08:00 · 2016-10-31 15:23:59 +08:00 · 830326178b
parent 51944e1512
commit 830326178b
2 changed files with 0 additions and 78 deletions
--- a/etc/certs/make_certs
+++ b/etc/certs/make_certs
@ -1,24 +0,0 @@
-#!/bin/sh
-
-rm -rf temp
-
-mkdir temp
-
-echo 01 > temp/serial
-touch temp/index.txt
-
-## create ca certificate
-openssl req -x509 -config openssl.cnf -newkey rsa:2048 -days 365  -out cacert.pem -outform PEM -subj /CN=MyTestCA/ -nodes
-openssl x509 -in cacert.pem -out temp/cacert.cer -outform DER
-
-## create server certificate
-openssl genrsa -out server-key.pem 2048
-openssl req -new -key server-key.pem -out temp/server-req.pem -outform PEM -subj /CN=$(hostname)/O=server/ -nodes
-openssl ca -config openssl.cnf -in temp/server-req.pem -out server-cert.pem -notext -batch -extensions server_ca_extensions
-
-## create client certificate
-openssl genrsa -out client-key.pem 2048
-openssl req -new -key client-key.pem -out temp/client-req.pem -outform PEM -subj /CN=$(hostname)/O=client/ -nodes
-openssl ca -config openssl.cnf -in temp/client-req.pem -out client-cert.pem -notext -batch -extensions client_ca_extensions
-
-rm -rf temp
--- a/etc/certs/openssl.cnf
+++ b/etc/certs/openssl.cnf
@ -1,54 +0,0 @@
-[ ca ]
-default_ca = testca
-
-[ testca ]
-dir = .
-certificate = $dir/cacert.pem
-database = $dir/temp/index.txt
-new_certs_dir = $dir/temp
-private_key = $dir/temp/cakey.pem
-serial = $dir/temp/serial
-
-default_crl_days = 7
-default_days = 365
-default_md = sha256
-
-policy = testca_policy
-x509_extensions = certificate_extensions
-
-[ testca_policy ]
-commonName = supplied
-stateOrProvinceName = optional
-countryName = optional
-emailAddress = optional
-organizationName = optional
-organizationalUnitName = optional
-domainComponent = optional
-
-[ certificate_extensions ]
-basicConstraints = CA:false
-
-[ req ]
-default_bits = 2048
-default_keyfile = ./temp/cakey.pem
-default_md = sha256
-prompt = yes
-distinguished_name = root_ca_distinguished_name
-x509_extensions = root_ca_extensions
-
-[ root_ca_distinguished_name ]
-commonName = hostname
-
-[ root_ca_extensions ]
-basicConstraints = CA:true
-keyUsage = keyCertSign, cRLSign
-
-[ client_ca_extensions ]
-basicConstraints = CA:false
-keyUsage = digitalSignature
-extendedKeyUsage = 1.3.6.1.5.5.7.3.2
-
-[ server_ca_extensions ]
-basicConstraints = CA:false
-keyUsage = keyEncipherment
-extendedKeyUsage = 1.3.6.1.5.5.7.3.1