/spec/fixtures/ssl/generate.sh

http://github.com/jnunemaker/httparty · Shell · 29 lines · 13 code · 9 blank · 7 comment · 1 complexity · 60c336069258c5bb7341d13cf9e674dd MD5 · raw file 

    

  1. #!/bin/sh
    2. 

  2. set -e
    3. 

  3. 

  4. if [ -d "generated" ] ; then
    5. 

  5.     echo >&2 "error: 'generated' directory already exists.  Delete it first."
    6. 

  6.     exit 1
    7. 

  7. fi
    8. 

  8. 

  9. mkdir generated
    10. 

  10. 

  11. # Generate the CA private key and certificate
    12. 

  12. openssl req -batch -subj '/CN=INSECURE Test Certificate Authority' -newkey rsa:4096 -new -x509 -days 999999 -keyout generated/ca.key -nodes -out generated/ca.crt
    13. 

  13. 

  14. # Create symlinks for ssl_ca_path
    15. 

  15. openssl generated
    16. 

  16. 

  17. # Generate the server private key and self-signed certificate
    18. 

  18. openssl req -batch -subj '/CN=localhost' -newkey rsa:4096 -new -x509 -days 999999 -keyout generated/server.key -nodes -out generated/selfsigned.crt
    19. 

  19. 

  20. # Generate certificate signing request with bogus hostname
    21. 

  21. openssl req -batch -subj '/CN=bogo' -new -key generated/server.key -nodes -out generated/bogushost.csr
    22. 

  22. 

  23. # Sign the certificate requests
    24. 

  24. openssl x509 -CA generated/ca.crt -CAkey generated/ca.key -set_serial 1 -in generated/selfsigned.crt -out generated/server.crt -clrext -extfile openssl-exts.cnf -extensions cert -days 999999
    25. 

  25. openssl x509 -req -CA generated/ca.crt -CAkey generated/ca.key -set_serial 1 -in generated/bogushost.csr -out generated/bogushost.crt -clrext -extfile openssl-exts.cnf -extensions cert -days 999999
    26. 

  26. 

  27. # Remove certificate signing requests
    28. 

  28. rm -f generated/*.csr
    29.