aboutsummaryrefslogblamecommitdiff
path: root/issue-certificates.sh
blob: 1a00992415452ccc3b4c61e0ed2a6298843f5a90 (plain) (tree) 
f110c61


























3cb262f









1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

27
28
29
30
31
32
33
34
35


























                                                                                 








                                                                                 
#!/bin/sh -

. ./environment.sh

set -x

openssl req -batch -new -engine pkcs11 -keyform ENGINE -x509 -days 365		\
	-subj "/C=PV/O=Pottsylvanian Ministry of Offense/GN=Fearless/SN=Leader" \
	-key label_leader -out leader.cer

openssl req -batch -new -engine pkcs11 -keyform ENGINE				\
	-subj "/GN=Natasha/SN=Fatale"						\
	-key label_natasha							|
openssl x509 -req -engine pkcs11 -CAkeyform ENGINE -days 60			\
	-set_serial `date +%s` -extfile $OPENSSL_CONF -extensions ext_ee	\
	-CAkey label_leader -CA leader.cer					\
	-out natasha.cer

openssl req -batch -new -engine pkcs11 -keyform ENGINE				\
	-subj "/GN=Boris/SN=Badenov"						\
	-key label_boris							|
openssl x509 -req -engine pkcs11 -CAkeyform ENGINE -days 60			\
	-set_serial `date +%s` -extfile $OPENSSL_CONF -extensions ext_ee	\
	-CAkey label_leader -CA leader.cer					\
	-out boris.cer

openssl req -batch -new -engine pkcs11 -keyform ENGINE				\
	-subj "/GN=Hilary/SN=Pushemoff/CN=localhost"				\
	-key label_boris							|
openssl x509 -req -engine pkcs11 -CAkeyform ENGINE -days 60			\
	-set_serial `date +%s` -extfile $OPENSSL_CONF -extensions ext_ee	\
	-CAkey label_leader -CA leader.cer					\
	-out nogoodnik.cer

openssl verify -verbose -CAfile leader.cer boris.cer natasha.cer nogoodnik.cer
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-15 02:19:50 +0000