Subversion Repositories DevTools

#! /bin/bash
#
# Only every needs to be run ONCE
# Here as a reference as to how it wa done

ROOTCA=VixPulseManifestRootCA
ROOT_FQDN=Vix.Pulse.Manifest.RootCA

# Generate a config file for creating the csr (cert signing Request)
cat << EOF > ${ROOTCA}.cnf
# OpenSSL configuration file for creating a CSR for a server certificate

# the fully qualified server (or service) name
FQDN = ${ROOT_FQDN}

# the name of your organization
ORGNAME = Vix Technology

# --- no modifications required below ---
[ req ]
default_bits = 2048
default_md = sha256
prompt = no
encrypt_key = no

distinguished_name = dn
req_extensions = req_ext
x509_extensions = x509_ext

[ x509_ext ]
basicConstraints    = CA:TRUE
keyUsage            = digitalSignature, keyEncipherment , cRLSign , keyCertSign 

[ dn ]
C = AU
O = \$ORGNAME
CN = \$FQDN

[ req_ext ]

EOF

echo "Generate ROOT CA"
openssl genrsa -out ${ROOTCA}.key 2048 2> /dev/null
openssl req -x509 -new -nodes -key ${ROOTCA}.key -sha256 -days 36500 -out ${ROOTCA}.crt  -config ${ROOTCA}.cnf
openssl verify -CAfile ${ROOTCA}.crt ${ROOTCA}.crt
 
echo Generated: ${ROOTCA}.key
echo Generated: ${ROOTCA}.crt  FQDN: \(${ROOT_FQDN}\)

rm -f *.pubkey
rm -f *.srl
rm -f *.csr