Newer
Older
#!/bin/bash
echo "Cleaning"
rm -v privkey.pem ca.pem server.req file.srl client.key client.req server.key
echo "Generate a CA"
openssl req -out ca.pem -new -x509
cat privkey.pem ca.pem > root.pm
echo "----"
echo "Generate server certificate/key pair -- no password required"
openssl genrsa -out server.key 1024
openssl req -key server.key -new -out server.req
echo "00" > file.srl
openssl x509 -req -in server.req -CA ca.pem -CAkey privkey.pem -CAserial file.srl -out server.pem
cat server.key server.pem > temp
mv temp server.pem
echo "----"
echo "Generate client certificate/key pair"
en=0
if [ $en -eq 1 ]
then
openssl genrsa -des3 -out client.key 1024
else
openssl genrsa -out client.key 1024
fi
openssl req -key client.key -new -out client.req
#echo "00" > file.srl # does this need to be changed?
openssl x509 -req -in client.req -CA ca.pem -CAkey privkey.pem -CAserial file.srl -out client.pem
cat client.key client.pem > temp
mv temp client.pem