diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-06 03:06:57 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-06 03:06:57 +0000 |
commit | a3eed2c248067f0319cb72bcc8b5e2c7054ea6dc (patch) | |
tree | fd79d650c7ffee81608955be5f4fd8edd791834e /testenv/certs/make_ca.sh | |
parent | Initial commit. (diff) | |
download | wget-a3eed2c248067f0319cb72bcc8b5e2c7054ea6dc.tar.xz wget-a3eed2c248067f0319cb72bcc8b5e2c7054ea6dc.zip |
Adding upstream version 1.20.1.upstream/1.20.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'testenv/certs/make_ca.sh')
-rwxr-xr-x | testenv/certs/make_ca.sh | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/testenv/certs/make_ca.sh b/testenv/certs/make_ca.sh new file mode 100755 index 0000000..f9b5676 --- /dev/null +++ b/testenv/certs/make_ca.sh @@ -0,0 +1,23 @@ +#!/bin/sh -e + +# create a self signed CA certificate +certtool --generate-privkey --outfile ca-key.pem +certtool --generate-self-signed --load-privkey ca-key.pem --template=ca-template.cfg --outfile ca-cert.pem + +# create the server RSA private key +certtool --generate-privkey --outfile server-key.pem --rsa + +# generate a server certificate using the private key only +certtool --generate-certificate --load-privkey server-key.pem --template=server-template.cfg --outfile server-cert.pem --load-ca-certificate ca-cert.pem --load-ca-privkey ca-key.pem + +# create a CRL for the server certificate +certtool --generate-crl --load-ca-privkey ca-key.pem --load-ca-certificate ca-cert.pem --load-certificate server-cert.pem --outfile server-crl.pem --template=server-template.cfg + +# generate a public key in PEM format +openssl x509 -noout -pubkey < server-cert.pem > server-pubkey.pem + +# generate a public key in DER format +openssl x509 -noout -pubkey < server-cert.pem | openssl asn1parse -noout -inform pem -out server-pubkey.der + +# generate a sha256 hash of the public key +openssl x509 -noout -pubkey < server-cert.pem | openssl asn1parse -noout -inform pem -out /dev/stdout | openssl dgst -sha256 -binary | openssl base64 > server-pubkey-sha256.base64 |