/spec/fixtures/ssl/generate.sh
Shell | 29 lines | 13 code | 9 blank | 7 comment | 1 complexity | 60c336069258c5bb7341d13cf9e674dd MD5 | raw file
1#!/bin/sh 2set -e 3 4if [ -d "generated" ] ; then 5 echo >&2 "error: 'generated' directory already exists. Delete it first." 6 exit 1 7fi 8 9mkdir generated 10 11# Generate the CA private key and certificate 12openssl req -batch -subj '/CN=INSECURE Test Certificate Authority' -newkey rsa:4096 -new -x509 -days 999999 -keyout generated/ca.key -nodes -out generated/ca.crt 13 14# Create symlinks for ssl_ca_path 15openssl generated 16 17# Generate the server private key and self-signed certificate 18openssl req -batch -subj '/CN=localhost' -newkey rsa:4096 -new -x509 -days 999999 -keyout generated/server.key -nodes -out generated/selfsigned.crt 19 20# Generate certificate signing request with bogus hostname 21openssl req -batch -subj '/CN=bogo' -new -key generated/server.key -nodes -out generated/bogushost.csr 22 23# Sign the certificate requests 24openssl x509 -CA generated/ca.crt -CAkey generated/ca.key -set_serial 1 -in generated/selfsigned.crt -out generated/server.crt -clrext -extfile openssl-exts.cnf -extensions cert -days 999999 25openssl x509 -req -CA generated/ca.crt -CAkey generated/ca.key -set_serial 1 -in generated/bogushost.csr -out generated/bogushost.crt -clrext -extfile openssl-exts.cnf -extensions cert -days 999999 26 27# Remove certificate signing requests 28rm -f generated/*.csr 29