diff options
author | Endi S. Dewata <edewata@redhat.com> | 2017-10-20 21:30:52 +0200 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2017-10-20 21:31:27 +0200 |
commit | 1cbf6fc8c9381f0835530dc0753f7c7af7502d88 (patch) | |
tree | 7c874c3cb422f8719fe49ffbdb67fa0273964bb0 /scripts/nssdb-admin-sign.sh | |
parent | a2412da7c00eceb51aa946fcd120ae9441e94e33 (diff) | |
download | pki-dev-1cbf6fc8c9381f0835530dc0753f7c7af7502d88.tar.gz pki-dev-1cbf6fc8c9381f0835530dc0753f7c7af7502d88.tar.xz pki-dev-1cbf6fc8c9381f0835530dc0753f7c7af7502d88.zip |
Added NSSDB scripts.
Diffstat (limited to 'scripts/nssdb-admin-sign.sh')
-rwxr-xr-x | scripts/nssdb-admin-sign.sh | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/scripts/nssdb-admin-sign.sh b/scripts/nssdb-admin-sign.sh new file mode 100755 index 0000000..ff85f2e --- /dev/null +++ b/scripts/nssdb-admin-sign.sh @@ -0,0 +1,25 @@ +#!/bin/sh + +AKID="`cat nssdb/ca_signing.skid`" +echo "AKID: ${AKID}" + +OCSP="`cat nssdb/ocsp_url`" +echo "OCSP: ${OCSP}" + +echo -e "y\n${AKID}\n\n\n\n2\n7\n${OCSP}\n\n\n\n" | \ + certutil -C \ + -d nssdb \ + -f nssdb/password.txt \ + -m $RANDOM \ + -a \ + -i nssdb/admin.csr \ + -o nssdb/admin.crt \ + -c "ca_signing" \ + -3 \ + --extAIA \ + --keyUsage critical,dataEncipherment,keyEncipherment,digitalSignature,nonRepudiation \ + --extKeyUsage clientAuth,emailProtection + +certutil -A -d nssdb -n "admin" -i nssdb/admin.crt -t ",," + +openssl x509 -text -noout -in nssdb/admin.crt |