/spec/fixtures/ssl/generate.sh

http://github.com/jnunemaker/httparty · Shell · 29 lines · 13 code · 9 blank · 7 comment · 1 complexity · 60c336069258c5bb7341d13cf9e674dd MD5 · raw file

  1. #!/bin/sh
  2. set -e
  3. if [ -d "generated" ] ; then
  4. echo >&2 "error: 'generated' directory already exists. Delete it first."
  5. exit 1
  6. fi
  7. mkdir generated
  8. # Generate the CA private key and certificate
  9. openssl req -batch -subj '/CN=INSECURE Test Certificate Authority' -newkey rsa:4096 -new -x509 -days 999999 -keyout generated/ca.key -nodes -out generated/ca.crt
  10. # Create symlinks for ssl_ca_path
  11. openssl generated
  12. # Generate the server private key and self-signed certificate
  13. openssl req -batch -subj '/CN=localhost' -newkey rsa:4096 -new -x509 -days 999999 -keyout generated/server.key -nodes -out generated/selfsigned.crt
  14. # Generate certificate signing request with bogus hostname
  15. openssl req -batch -subj '/CN=bogo' -new -key generated/server.key -nodes -out generated/bogushost.csr
  16. # Sign the certificate requests
  17. openssl x509 -CA generated/ca.crt -CAkey generated/ca.key -set_serial 1 -in generated/selfsigned.crt -out generated/server.crt -clrext -extfile openssl-exts.cnf -extensions cert -days 999999
  18. openssl x509 -req -CA generated/ca.crt -CAkey generated/ca.key -set_serial 1 -in generated/bogushost.csr -out generated/bogushost.crt -clrext -extfile openssl-exts.cnf -extensions cert -days 999999
  19. # Remove certificate signing requests
  20. rm -f generated/*.csr