From eca4feb580cffd6af474f599efe3fe99505a525c Mon Sep 17 00:00:00 2001
From: Rob Austein <sra@hactrn.net>
Date: Tue, 20 Jun 2006 17:32:05 +0000
Subject: Importing OpenSSL 0.9.8b

svn path=/openssl/vendor/current/CHANGES; revision=1
---
 openssl/vendor/current/util/mkcerts.sh | 220 +++++++++++++++++++++++++++++++++
 1 file changed, 220 insertions(+)
 create mode 100755 openssl/vendor/current/util/mkcerts.sh

(limited to 'openssl/vendor/current/util/mkcerts.sh')

diff --git a/openssl/vendor/current/util/mkcerts.sh b/openssl/vendor/current/util/mkcerts.sh
new file mode 100755
index 00000000..0184fcb7
--- /dev/null
+++ b/openssl/vendor/current/util/mkcerts.sh
@@ -0,0 +1,220 @@
+#!/bin/sh
+
+# This script will re-make all the required certs.
+# cd apps
+# sh ../util/mkcerts.sh
+# mv ca-cert.pem pca-cert.pem ../certs
+# cd ..
+# cat certs/*.pem >>apps/server.pem
+# cat certs/*.pem >>apps/server2.pem
+# SSLEAY=`pwd`/apps/ssleay; export SSLEAY
+# sh tools/c_rehash certs
+#
+ 
+CAbits=1024
+SSLEAY="../apps/openssl"
+CONF="-config ../apps/openssl.cnf"
+
+# create pca request.
+echo creating $CAbits bit PCA cert request
+$SSLEAY req $CONF \
+	-new -md5 -newkey $CAbits \
+	-keyout pca-key.pem \
+	-out pca-req.pem -nodes >/dev/null <<EOF
+AU
+Queensland
+.
+CryptSoft Pty Ltd
+.
+Test PCA (1024 bit)
+
+
+
+EOF
+
+if [ $? != 0 ]; then
+	echo problems generating PCA request
+	exit 1
+fi
+
+#sign it.
+echo
+echo self signing PCA
+$SSLEAY x509 -md5 -days 1461 \
+	-req -signkey pca-key.pem \
+	-CAcreateserial -CAserial pca-cert.srl \
+	-in pca-req.pem -out pca-cert.pem
+
+if [ $? != 0 ]; then
+	echo problems self signing PCA cert
+	exit 1
+fi
+echo
+
+# create ca request.
+echo creating $CAbits bit CA cert request
+$SSLEAY req $CONF \
+	-new -md5 -newkey $CAbits \
+	-keyout ca-key.pem \
+	-out ca-req.pem -nodes >/dev/null <<EOF
+AU
+Queensland
+.
+CryptSoft Pty Ltd
+.
+Test CA (1024 bit)
+
+
+
+EOF
+
+if [ $? != 0 ]; then
+	echo problems generating CA request
+	exit 1
+fi
+
+#sign it.
+echo
+echo signing CA
+$SSLEAY x509 -md5 -days 1461 \
+	-req \
+	-CAcreateserial -CAserial pca-cert.srl \
+	-CA pca-cert.pem -CAkey pca-key.pem \
+	-in ca-req.pem -out ca-cert.pem
+
+if [ $? != 0 ]; then
+	echo problems signing CA cert
+	exit 1
+fi
+echo
+
+# create server request.
+echo creating 512 bit server cert request
+$SSLEAY req $CONF \
+	-new -md5 -newkey 512 \
+	-keyout s512-key.pem \
+	-out s512-req.pem -nodes >/dev/null <<EOF
+AU
+Queensland
+.
+CryptSoft Pty Ltd
+.
+Server test cert (512 bit)
+
+
+
+EOF
+
+if [ $? != 0 ]; then
+	echo problems generating 512 bit server cert request
+	exit 1
+fi
+
+#sign it.
+echo
+echo signing 512 bit server cert
+$SSLEAY x509 -md5 -days 365 \
+	-req \
+	-CAcreateserial -CAserial ca-cert.srl \
+	-CA ca-cert.pem -CAkey ca-key.pem \
+	-in s512-req.pem -out server.pem
+
+if [ $? != 0 ]; then
+	echo problems signing 512 bit server cert
+	exit 1
+fi
+echo
+
+# create 1024 bit server request.
+echo creating 1024 bit server cert request
+$SSLEAY req $CONF \
+	-new -md5 -newkey 1024 \
+	-keyout s1024key.pem \
+	-out s1024req.pem -nodes >/dev/null <<EOF
+AU
+Queensland
+.
+CryptSoft Pty Ltd
+.
+Server test cert (1024 bit)
+
+
+
+EOF
+
+if [ $? != 0 ]; then
+	echo problems generating 1024 bit server cert request
+	exit 1
+fi
+
+#sign it.
+echo
+echo signing 1024 bit server cert
+$SSLEAY x509 -md5 -days 365 \
+	-req \
+	-CAcreateserial -CAserial ca-cert.srl \
+	-CA ca-cert.pem -CAkey ca-key.pem \
+	-in s1024req.pem -out server2.pem
+
+if [ $? != 0 ]; then
+	echo problems signing 1024 bit server cert
+	exit 1
+fi
+echo
+
+# create 512 bit client request.
+echo creating 512 bit client cert request
+$SSLEAY req $CONF \
+	-new -md5 -newkey 512 \
+	-keyout c512-key.pem \
+	-out c512-req.pem -nodes >/dev/null <<EOF
+AU
+Queensland
+.
+CryptSoft Pty Ltd
+.
+Client test cert (512 bit)
+
+
+
+EOF
+
+if [ $? != 0 ]; then
+	echo problems generating 512 bit client cert request
+	exit 1
+fi
+
+#sign it.
+echo
+echo signing 512 bit client cert
+$SSLEAY x509 -md5 -days 365 \
+	-req \
+	-CAcreateserial -CAserial ca-cert.srl \
+	-CA ca-cert.pem -CAkey ca-key.pem \
+	-in c512-req.pem -out client.pem
+
+if [ $? != 0 ]; then
+	echo problems signing 512 bit client cert
+	exit 1
+fi
+
+echo cleanup
+
+cat pca-key.pem  >> pca-cert.pem
+cat ca-key.pem   >> ca-cert.pem
+cat s512-key.pem >> server.pem
+cat s1024key.pem >> server2.pem
+cat c512-key.pem >> client.pem
+
+for i in pca-cert.pem ca-cert.pem server.pem server2.pem client.pem
+do
+$SSLEAY x509 -issuer -subject -in $i -noout >$$
+cat $$
+/bin/cat $i >>$$
+/bin/mv $$ $i
+done
+
+#/bin/rm -f *key.pem *req.pem *.srl
+
+echo Finished
+
-- 
cgit v1.2.3