aboutsummaryrefslogtreecommitdiff
path: root/issue-certificates.sh
diff options
context:
space:
mode:
Diffstat (limited to 'issue-certificates.sh')
-rwxr-xr-xissue-certificates.sh27
1 files changed, 27 insertions, 0 deletions
diff --git a/issue-certificates.sh b/issue-certificates.sh
new file mode 100755
index 0000000..39e64d9
--- /dev/null
+++ b/issue-certificates.sh
@@ -0,0 +1,27 @@
+#!/bin/sh -
+
+. ./environment.sh
+
+set -x
+
+openssl req -batch -new -engine pkcs11 -keyform ENGINE -x509 -days 365 \
+ -subj "/C=PV/O=Pottsylvanian Ministry of Offense/GN=Fearless/SN=Leader" \
+ -key label_leader -out leader.cer
+
+openssl req -batch -new -engine pkcs11 -keyform ENGINE \
+ -subj "/GN=Natasha/SN=Fatale" \
+ -key label_natasha |
+openssl x509 -req -engine pkcs11 -CAkeyform ENGINE -days 60 \
+ -set_serial `date +%s` -extfile $OPENSSL_CONF -extensions ext_ee \
+ -CAkey label_leader -CA leader.cer \
+ -out natasha.cer
+
+openssl req -batch -new -engine pkcs11 -keyform ENGINE \
+ -subj "/GN=Boris/SN=Badenov" \
+ -key label_boris |
+openssl x509 -req -engine pkcs11 -CAkeyform ENGINE -days 60 \
+ -set_serial `date +%s` -extfile $OPENSSL_CONF -extensions ext_ee \
+ -CAkey label_leader -CA leader.cer \
+ -out boris.cer
+
+openssl verify -verbose -CAfile leader.cer boris.cer natasha.cer
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-02 15:25:59 +0000