diff options
| author | Endi S. Dewata <edewata@redhat.com> | 2017-07-20 08:50:56 +0200 |
|---|---|---|
| committer | Endi S. Dewata <edewata@redhat.com> | 2017-07-20 08:50:56 +0200 |
| commit | 71bbe9874375a7493679c71dc3501f239765ce3f (patch) | |
| tree | 3d0d73cca62c4c3246189dea350564b04a598031 /scripts | |
| parent | 4643ca0087562376ff8e06f36f88907dc245aa1c (diff) | |
| download | pki-dev-71bbe9874375a7493679c71dc3501f239765ce3f.tar.gz pki-dev-71bbe9874375a7493679c71dc3501f239765ce3f.tar.xz pki-dev-71bbe9874375a7493679c71dc3501f239765ce3f.zip | |
Added third-party CA scripts.
Diffstat (limited to 'scripts')
| -rwxr-xr-x | scripts/third-party-create.sh | 27 | ||||
| -rwxr-xr-x | scripts/third-party-import.sh | 3 |
2 files changed, 30 insertions, 0 deletions
diff --git a/scripts/third-party-create.sh b/scripts/third-party-create.sh new file mode 100755 index 0000000..a043a5c --- /dev/null +++ b/scripts/third-party-create.sh @@ -0,0 +1,27 @@ +#!/bin/sh + +rm -rf third +mkdir third +echo Secret123 > third/password.txt +certutil -N -d third -f third/password.txt +openssl rand -out third/noise.bin 2048 + +# generate external CA certificate + +echo -e "y\n\ny\n" | \ + certutil -S \ + -d third \ + -f third/password.txt \ + -z third/noise.bin \ + -n "Third-party CA" \ + -s "CN=Third-party CA,O=OTHER" \ + -x \ + -t "CTu,Cu,Cu" \ + -m $RANDOM\ + -2 \ + --keyUsage certSigning \ + --nsCertType sslCA,smimeCA,objectSigningCA + +certutil -L -d third -n "Third-party CA" -a > third-party.crt + +openssl crl2pkcs7 -nocrl -certfile third-party.crt -out third-party.p7b diff --git a/scripts/third-party-import.sh b/scripts/third-party-import.sh new file mode 100755 index 0000000..e552b9e --- /dev/null +++ b/scripts/third-party-import.sh @@ -0,0 +1,3 @@ +#!/bin/sh + +certutil -A -d /var/lib/pki/pki-tomcat/alias -n "Third-party CA" -t "CT,C,C" -i third-party.crt |