]>
git.argeo.org Git - lgpl/argeo-commons.git/blob - demo/ssl/ssl.sh
89009735eb31d55bd2d5ac289c91053147099e36
3 # COMPLETELY UNSAFE - FOR DEVELOPMENT ONLY
4 # Run this script from its directory
5 # all *.p12 passwords are 'demo'
6 # all *.jks passwords are 'changeit'
8 export OPENSSL_CONF
=.
/openssl.cnf
11 /etc
/pki
/tls
/misc
/CA
-newca
13 openssl req
-x509 -new -newkey rsa
:1024 -extensions server_ext
-days 3650 \
14 -subj /C
=DE
/ST
=Berlin
/O
=Example
/OU
=Systems
/CN
=localhost
/ \
15 -keyout newkey.pem
-passout pass
:demo
-out newcrt.pem
17 openssl pkcs12
-export -passin pass
:demo
-passout pass
:changeit \
18 -name "jetty" -inkey newkey.pem
-in newcrt.pem \
21 # Convert PKCS12 keystore into a JKS keystore
22 keytool
-importkeystore \
23 -srckeystore server.p12
-srcstoretype pkcs12
-srcstorepass changeit \
24 -alias jetty
-destkeystore server.jks
-deststorepass changeit
28 keytool
-importcert -keystore server.jks
-storepass changeit \
29 -alias CA
-file CA
/cacert.pem
32 openssl req
-new -newkey rsa
:1024 -extensions server_ext
-days 3650 \
33 -subj /C
=DE
/ST
=Berlin
/O
=Example
/OU
=People
/CN
=root
/ \
34 -keyout newkey.pem
-passout pass
:demo
-out newcsr.pem
35 openssl ca
-batch -passin pass
:demo
-in newcsr.pem
-out newcrt.pem
36 openssl pkcs12
-export -passin pass
:demo
-passout pass
:demo \
37 -name "root" -inkey newkey.pem
-in newcrt.pem \
41 openssl req
-new -newkey rsa
:1024 -extensions server_ext
-days 3650 \
42 -subj /C
=DE
/ST
=Berlin
/O
=Example
/OU
=People
/CN
=demo
/ \
43 -keyout newkey.pem
-passout pass
:demo
-out newcsr.pem
44 openssl ca
-batch -passin pass
:demo
-in newcsr.pem
-out newcrt.pem
45 openssl pkcs12
-export -passin pass
:demo
-passout pass
:demo \
46 -name "demo" -inkey newkey.pem
-in newcrt.pem \