aboutsummaryrefslogtreecommitdiff
path: root/issue-certificates.sh
blob: 39e64d9edaa777f70961dfc07673512077b6275a (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

#!/bin/sh -

. ./environment.sh

set -x

openssl req -batch -new -engine pkcs11 -keyform ENGINE -x509 -days 365		\
	-subj "/C=PV/O=Pottsylvanian Ministry of Offense/GN=Fearless/SN=Leader" \
	-key label_leader -out leader.cer

openssl req -batch -new -engine pkcs11 -keyform ENGINE				\
	-subj "/GN=Natasha/SN=Fatale"						\
	-key label_natasha							|
openssl x509 -req -engine pkcs11 -CAkeyform ENGINE -days 60			\
	-set_serial `date +%s` -extfile $OPENSSL_CONF -extensions ext_ee	\
	-CAkey label_leader -CA leader.cer					\
	-out natasha.cer

openssl req -batch -new -engine pkcs11 -keyform ENGINE				\
	-subj "/GN=Boris/SN=Badenov"						\
	-key label_boris							|
openssl x509 -req -engine pkcs11 -CAkeyform ENGINE -days 60			\
	-set_serial `date +%s` -extfile $OPENSSL_CONF -extensions ext_ee	\
	-CAkey label_leader -CA leader.cer					\
	-out boris.cer

openssl verify -verbose -CAfile leader.cer boris.cer natasha.cer
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-02 23:11:47 +0000