OpenSSL CAs

#!/bin/bash
echo “Generating Root Key”
openssl genrsa -des3 -out root-ca.key 2048
echo “ok?”
read x

echo “Signing Root Cert”
openssl req -new -x509 -days 1825 -key root-ca.key -out root-ca.crt
echo “ok?”
read x

touch index.txt
mkdir certs
mkdir newcerts
mkdir crl
touch serial
echo “01\n”>serial
echo “” >> serial

echo “Generating Host Key and CSR”
openssl req -newkey rsa:2048 -keyout host.key -nodes -out host.req
echo “ok?”
read x

echo “Signing Host Cert”
openssl ca -keyfile root-ca.key -cert root-ca.crt -out host.crt -infiles host.req
echo “ok?”
read x

echo “Generating User Key and CSR”
openssl req -newkey rsa:2048 -keyout user.key -out user.req
echo “ok?”
read x

echo “Signing User Cert”
openssl ca -keyfile root-ca.key -cert root-ca.crt -out user.crt -infiles user.req
echo “ok?”
read x

echo “Bundling Cert and Key and Root cert”
openssl pkcs12 -export -out user.p12 -inkey user.key -in user.crt -certfile root-ca.crt
echo “ok?”
read x

Comments are closed.