From a3eed2c248067f0319cb72bcc8b5e2c7054ea6dc Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Mon, 6 May 2024 05:06:57 +0200 Subject: Adding upstream version 1.20.1. Signed-off-by: Daniel Baumann --- testenv/certs/make_ca.sh | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100755 testenv/certs/make_ca.sh (limited to 'testenv/certs/make_ca.sh') diff --git a/testenv/certs/make_ca.sh b/testenv/certs/make_ca.sh new file mode 100755 index 0000000..f9b5676 --- /dev/null +++ b/testenv/certs/make_ca.sh @@ -0,0 +1,23 @@ +#!/bin/sh -e + +# create a self signed CA certificate +certtool --generate-privkey --outfile ca-key.pem +certtool --generate-self-signed --load-privkey ca-key.pem --template=ca-template.cfg --outfile ca-cert.pem + +# create the server RSA private key +certtool --generate-privkey --outfile server-key.pem --rsa + +# generate a server certificate using the private key only +certtool --generate-certificate --load-privkey server-key.pem --template=server-template.cfg --outfile server-cert.pem --load-ca-certificate ca-cert.pem --load-ca-privkey ca-key.pem + +# create a CRL for the server certificate +certtool --generate-crl --load-ca-privkey ca-key.pem --load-ca-certificate ca-cert.pem --load-certificate server-cert.pem --outfile server-crl.pem --template=server-template.cfg + +# generate a public key in PEM format +openssl x509 -noout -pubkey < server-cert.pem > server-pubkey.pem + +# generate a public key in DER format +openssl x509 -noout -pubkey < server-cert.pem | openssl asn1parse -noout -inform pem -out server-pubkey.der + +# generate a sha256 hash of the public key +openssl x509 -noout -pubkey < server-cert.pem | openssl asn1parse -noout -inform pem -out /dev/stdout | openssl dgst -sha256 -binary | openssl base64 > server-pubkey-sha256.base64 -- cgit v1.2.3