-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcommonFunctions
41 lines (33 loc) · 1.03 KB
/
commonFunctions
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
#!/bin/bash
. structure
genKey(){ #subj, internalName
openssl genrsa -out $2.key ${KEYSIZE}
openssl req -new -key $2.key -out $2.csr -subj "$1/O=Test Environment CA Ltd./OU=Test Environment CAs/C=AU"
}
genca(){ #subj, internalName
mkdir $2.ca
genKey "$1" "$2.ca/key"
mkdir $2.ca/newcerts
echo 01 > $2.ca/serial
touch $2.ca/db
echo unique_subject = no >$2.ca/db.attr
}
caSign(){ # csr,ca,config,start,end
start="$4"
end="$5"
[[ "$start" != "" ]] && start="-startdate $start"
[[ "$end" != "" ]] && end="-enddate $end"
[[ "$start" == "" && "$end" == "" ]] && start="$ROOT_VALIDITY"
BASE="$PWD"
echo "Signing: $BASE/$1 with $2"
echo "$start $end"
pushd $2.ca > /dev/null
if [[ "$2" == "root" && "$1" == root.* ]]; then
signkey="-selfsign"
else
signkey="-cert key.crt"
fi
openssl ca $signkey -keyfile key.key -in "$BASE/$1.csr" -out "$BASE/$1.crt" -batch -config "$BASE/../selfsign.config" -extfile "$BASE/$3" $start $end
popd > /dev/null
echo "Signed"
}