]>
git.argeo.org Git - lgpl/argeo-commons.git/blob - demo/ssl/ssl.sh
3 # COMPLETELY UNSAFE - FOR DEVELOPMENT ONLY
4 # Run this script from its directory
6 export OPENSSL_CONF
=.
/openssl.cnf
9 /etc
/pki
/tls
/misc
/CA
-newca
11 openssl req
-x509 -new -newkey rsa
:1024 -extensions server_ext
-days 3650 \
12 -subj /C
=DE
/ST
=Berlin
/O
=Example
/OU
=Systems
/CN
=localhost
/ \
13 -keyout newkey.pem
-passout pass
:demo
-out newcrt.pem
15 openssl pkcs12
-export -passin pass
:demo
-passout pass
:changeit \
16 -name "jetty" -inkey newkey.pem
-in newcrt.pem \
19 # Convert PKCS12 keystore into a JKS keystore
20 keytool
-importkeystore \
21 -srckeystore server.p12
-srcstoretype pkcs12
-srcstorepass changeit \
22 -alias jetty
-destkeystore server.jks
-deststorepass changeit
26 keytool
-importcert -keystore server.jks
-storepass changeit \
27 -alias CA
-file CA
/cacert.pem
30 openssl req
-new -newkey rsa
:1024 -extensions server_ext
-days 3650 \
31 -subj /C
=DE
/ST
=Berlin
/O
=Example
/OU
=People
/CN
=root
/ \
32 -keyout newkey.pem
-passout pass
:demo
-out newcsr.pem
33 openssl ca
-batch -passin pass
:demo
-in newcsr.pem
-out newcrt.pem
34 openssl pkcs12
-export -passin pass
:demo
-passout pass
:demo \
35 -name "root" -inkey newkey.pem
-in newcrt.pem \
39 openssl req
-new -newkey rsa
:1024 -extensions server_ext
-days 3650 \
40 -subj /C
=DE
/ST
=Berlin
/O
=Example
/OU
=People
/CN
=demo
/ \
41 -keyout newkey.pem
-passout pass
:demo
-out newcsr.pem
42 openssl ca
-batch -passin pass
:demo
-in newcsr.pem
-out newcrt.pem
43 openssl pkcs12
-export -passin pass
:demo
-passout pass
:demo \
44 -name "demo" -inkey newkey.pem
-in newcrt.pem \
49 #rm -vf root.csr root.key root.crt
50 #rm -vf server.p12 server.crt server.key