From 19fcec84d8d7d21e796c7624e521b60d28ee21ed Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sun, 7 Apr 2024 20:45:59 +0200
Subject: Adding upstream version 16.2.11+ds.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 src/civetweb/resources/cert/make_certs.sh | 64 +++++++++++++++++++++++++++++++
 1 file changed, 64 insertions(+)
 create mode 100644 src/civetweb/resources/cert/make_certs.sh

(limited to 'src/civetweb/resources/cert/make_certs.sh')

diff --git a/src/civetweb/resources/cert/make_certs.sh b/src/civetweb/resources/cert/make_certs.sh
new file mode 100644
index 000000000..b4b6714cc
--- /dev/null
+++ b/src/civetweb/resources/cert/make_certs.sh
@@ -0,0 +1,64 @@
+#!/bin/sh
+#using "pass" for every password
+
+echo "Generating client certificate ..."
+
+openssl genrsa -des3 -out client.key 2048
+openssl req -new -key client.key -out client.csr
+
+cp client.key client.key.orig
+
+openssl rsa -in client.key.orig -out client.key
+
+openssl x509 -req -days 3650 -in client.csr -signkey client.key -out client.crt
+
+cp client.crt client.pem
+cat client.key >> client.pem
+
+openssl pkcs12 -export -inkey client.key -in client.pem -name ClientName -out client.pfx
+
+
+echo "Generating first server certificate ..."
+
+openssl genrsa -des3 -out server.key 2048
+openssl req -new -key server.key -out server.csr
+
+cp server.key server.key.orig
+
+openssl rsa -in server.key.orig -out server.key
+
+openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt
+
+cp server.crt server.pem
+cat server.key >> server.pem
+
+openssl pkcs12 -export -inkey server.key -in server.pem -name ServerName -out server.pfx
+
+echo "First server certificate hash for Public-Key-Pins header:"
+
+openssl x509 -pubkey < server.crt | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | base64 > server.pin
+
+cat server.pin
+
+echo "Generating backup server certificate ..."
+
+openssl genrsa -des3 -out server_bkup.key 2048
+openssl req -new -key server_bkup.key -out server_bkup.csr
+
+cp server_bkup.key server_bkup.key.orig
+
+openssl rsa -in server_bkup.key.orig -out server_bkup.key
+
+openssl x509 -req -days 3650 -in server_bkup.csr -signkey server_bkup.key -out server_bkup.crt
+
+cp server_bkup.crt server_bkup.pem
+cat server_bkup.key >> server_bkup.pem
+
+openssl pkcs12 -export -inkey server_bkup.key -in server_bkup.pem -name ServerName -out server_bkup.pfx
+
+echo "Backup server certificate hash for Public-Key-Pins header:"
+
+openssl x509 -pubkey < server_bkup.crt | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | base64 > server_bkup.pin
+
+cat server_bkup.pin
+
-- 
cgit v1.2.3