X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=demo%2Fssl%2Fssl.txt;h=788ab49fa0a53f0d70fb90786b242003543fcc2c;hb=ca3af7f7813ff3edc59d9c2130c08e568c1965e7;hp=95a24ca3ff853f60999057785f1138e119f996cc;hpb=2cfccc5b921ec8f53c0b28e8b54d2db205b7f95e;p=lgpl%2Fargeo-commons.git

diff --git a/demo/ssl/ssl.txt b/demo/ssl/ssl.txt
index 95a24ca3f..788ab49fa 100644
--- a/demo/ssl/ssl.txt
+++ b/demo/ssl/ssl.txt
@@ -1,21 +1,32 @@
-# In demo all key and stores passwords are 'changeit'
+# Password for all users and teh CA is 'demo'
+# Password for all key- and truststores is 'changeit'
+
+# Clean
+# rm server.*
 
 # Create CA
 openssl genrsa -des3 -out ca.key 4096
-openssl req -new -x509 -days 365 -key ca.key -out ca.crt
+openssl req -new -x509 -days 3650 -key ca.key -out ca.crt
+
+# Create Keystore and Truststore and add CA to them
+keytool -import -keystore server.ts -file ca.crt -alias ArgeoDemoCA
+keytool -import -keystore server.ks -file ca.crt -alias ArgeoDemoCA
 
 # Tomcat Server
+# (we must use keytool)
 keytool -genkey -alias tomcat -keyalg RSA -keysize 4096 -keystore server.ks
 keytool -certreq -alias tomcat -keystore server.ks -file tomcat.csr
 openssl x509 -req -set_serial 02 -days 3650 -in tomcat.csr -CA ca.crt -CAkey ca.key -out tomcat.crt
-keytool -import -keystore server.ts -file ca.crt -alias ArgeoDemoCA
+keytool -importcert -alias tomcat -keystore server.ks -file tomcat.crt
 
 # Root User
-#keytool -genkey -alias root@demo -keyalg RSA -keysize 4096 -keystore root@demo.ks
-#keytool -certreq -alias root@demo -keystore root@demo.ks -file root@demo.csr
-
 openssl genrsa -des3 -out root@demo.key 4096 
 openssl req -new -key root@demo.key -out root@demo.csr
 openssl x509 -req -set_serial 03 -days 3650 -in root@demo.csr -CA ca.crt -CAkey ca.key -out root@demo.crt
-
 openssl pkcs12 -export -out root@demo.p12 -inkey root@demo.key -in root@demo.crt -certfile ca.crt
+
+# Demo User
+openssl genrsa -des3 -out demo@demo.key 4096 
+openssl req -new -key demo@demo.key -out demo@demo.csr
+openssl x509 -req -set_serial 04 -days 3650 -in demo@demo.csr -CA ca.crt -CAkey ca.key -out demo@demo.crt
+openssl pkcs12 -export -out demo@demo.p12 -inkey demo@demo.key -in demo@demo.crt -certfile ca.crt