-
Notifications
You must be signed in to change notification settings - Fork 0
/
Makefile
67 lines (56 loc) · 1.7 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
-.PHONY: all
clean:
rm -rf ca/
rm -rf certs/
rm -rf crl/
ca-dir:
mkdir -p ca/root-ca/private ca/root-ca/db crl certs
chmod 700 ca/root-ca/private
cp /dev/null ca/root-ca/db/root-ca.db
cp /dev/null ca/root-ca/db/root-ca.db.attr
echo 01 > ca/root-ca/db/root-ca.crt.srl
echo 01 > ca/root-ca/db/root-ca.crl.srl
root-csr: ca-dir
openssl req -new \
-config root-ca.conf \
-out ca/root-ca.csr \
-keyout ca/root-ca/private/root-ca.key
root-crt:
openssl ca -selfsign \
-config root-ca.conf \
-in ca/root-ca.csr \
-out ca/root-ca.crt \
-extensions root_ca_ext
signing-dir:
mkdir -p ca/signing-ca/private ca/signing-ca/db crl certs
cp /dev/null ca/signing-ca/db/signing-ca.db
cp /dev/null ca/signing-ca/db/signing-ca.db.attr
echo 01 > ca/signing-ca/db/signing-ca.crt.srl
echo 01 > ca/signing-ca/db/signing-ca.crl.srl
signing-csr: signing-dir
openssl req -new \
-config signing-ca.conf \
-out ca/signing-ca.csr \
-keyout ca/signing-ca/private/signing-ca.key
signing-crt:
openssl ca \
-config root-ca.conf \
-in ca/signing-ca.csr \
-out ca/signing-ca.crt \
-extensions signing_ca_ext
cheese-csr:
openssl req -new \
-config server.conf \
-out certs/cheese.org.csr \
-keyout certs/cheese.org.key
cheese-crt:
openssl ca \
-config signing-ca.conf \
-in certs/cheese.org.csr \
-out certs/cheese.org.crt \
-extensions server_ext
minimal-crt:
openssl genrsa -out certs/minimal.key 2048
openssl req -new -key certs/minimal.key -out certs/minimal.csr
openssl x509 -req -in certs/minimal.csr -CA ca/signing-ca.crt -CAkey ca/signing-ca/private/signing-ca.key -CAcreateserial -out certs/minimal.crt -days 1024 -sha256
all: clean root-csr root-crt signing-csr signing-crt cheese-csr cheese-crt minimal-crt