forked from TrueCloudLab/neoneo-go
38 lines
813 B
Text
38 lines
813 B
Text
|
#!/bin/bash
|
||
|
|
|
||
|
|
outdir="${1:-./out}"
|
||
|
|
|
||
|
|
genca() {
|
||
|
|
local name="$1"
|
||
|
|
|
||
|
|
echo "Generating $name ..."
|
||
|
|
openssl req -nodes -new -x509 \
|
||
|
|
-keyout "${name}_key.pem" \
|
||
|
|
-out "${name}_cert.pem" \
|
||
|
|
-addext basicConstraints=CA:TRUE \
|
||
|
|
-days 1825 -config CA.cnf
|
||
|
|
}
|
||
|
|
|
||
|
|
gencert() {
|
||
|
|
local ca="$1"
|
||
|
|
local i="$2"
|
||
|
|
|
||
|
|
openssl req -sha256 -nodes -newkey rsa:2048 \
|
||
|
|
-keyout "peer${ca}_${i}_key.pem" \
|
||
|
|
-out "peer${i}.csr" -config "peer${i}.cnf"
|
||
|
|
openssl x509 -req -days 398 -in "peer${i}.csr" \
|
||
|
|
-CA "${ca}_cert.pem" \
|
||
|
|
-CAkey "${ca}_key.pem" \
|
||
|
|
-CAcreateserial -out "peer${ca}_${i}_cert.pem" \
|
||
|
|
-extensions req_ext \
|
||
|
|
-extfile "peer${i}.cnf"
|
||
|
|
rm "peer${i}.csr"
|
||
|
|
}
|
||
|
|
|
||
|
|
genca CA1
|
||
|
|
genca CA2
|
||
|
|
gencert CA1 1
|
||
|
|
gencert CA1 2
|
||
|
|
gencert CA2 1
|
||
|
|
gencert CA2 2
|