diff options
| author | Endi S. Dewata <edewata@redhat.com> | 2017-07-20 08:42:53 +0200 |
|---|---|---|
| committer | Endi S. Dewata <edewata@redhat.com> | 2017-07-20 08:44:54 +0200 |
| commit | ecb716fcccf5143c1f97d1028a7886b984c1a5cf (patch) | |
| tree | 5a75527b9827f22db9c04d4d152137e5be8bc086 /scripts | |
| parent | 2c8b21fa6ff0f8dc3c9479db00058ff8132ba155 (diff) | |
| download | pki-dev-ecb716fcccf5143c1f97d1028a7886b984c1a5cf.tar.gz pki-dev-ecb716fcccf5143c1f97d1028a7886b984c1a5cf.tar.xz pki-dev-ecb716fcccf5143c1f97d1028a7886b984c1a5cf.zip | |
Added NSS database scripts.
Diffstat (limited to 'scripts')
| -rwxr-xr-x | scripts/nssdb-generate-audit_signing-csr.sh | 21 | ||||
| -rwxr-xr-x | scripts/nssdb-generate-sslserver-csr.sh | 21 | ||||
| -rwxr-xr-x | scripts/nssdb-generate-subsystem-csr.sh | 21 | ||||
| -rwxr-xr-x | scripts/nssdb-init.sh | 7 |
4 files changed, 70 insertions, 0 deletions
diff --git a/scripts/nssdb-generate-audit_signing-csr.sh b/scripts/nssdb-generate-audit_signing-csr.sh new file mode 100755 index 0000000..d04d0be --- /dev/null +++ b/scripts/nssdb-generate-audit_signing-csr.sh @@ -0,0 +1,21 @@ +#!/bin/sh + +certutil -R \ + -d nssdb \ + -h internal \ + -f nssdb/password.txt \ + -z nssdb/noise.bin \ + -s "CN=Audit Signing Certificate,OU=pki-tomcat,O=EXAMPLE" \ + -o audit_signing.csr.der + +openssl req -inform der -in audit_signing.csr.der -out audit_signing.csr + +#BtoA audit_signing.csr.der audit_signing.csr.pem +#echo "-----BEGIN NEW CERTIFICATE REQUEST-----" > audit_signing.csr +#cat audit_signing.csr.pem >> audit_signing.csr +#echo "-----END NEW CERTIFICATE REQUEST-----" >> audit_signing.csr + +rm audit_signing.csr.der +#rm audit_signing.csr.pem + +openssl req -text -noout -in audit_signing.csr diff --git a/scripts/nssdb-generate-sslserver-csr.sh b/scripts/nssdb-generate-sslserver-csr.sh new file mode 100755 index 0000000..f9d6ab1 --- /dev/null +++ b/scripts/nssdb-generate-sslserver-csr.sh @@ -0,0 +1,21 @@ +#!/bin/sh + +certutil -R \ + -d nssdb \ + -h internal \ + -f nssdb/password.txt \ + -z nssdb/noise.bin \ + -s "CN=$HOSTNAME,OU=pki-tomcat,O=EXAMPLE" \ + -o sslserver.csr.der + +openssl req -inform der -in sslserver.csr.der -out sslserver.csr + +#BtoA sslserver.csr.der sslserver.csr.pem +#echo "-----BEGIN NEW CERTIFICATE REQUEST-----" > sslserver.csr +#cat sslserver.csr.pem >> sslserver.csr +#echo "-----END NEW CERTIFICATE REQUEST-----" >> sslserver.csr + +rm sslserver.csr.der +#rm sslserver.csr.pem + +openssl req -text -noout -in sslserver.csr diff --git a/scripts/nssdb-generate-subsystem-csr.sh b/scripts/nssdb-generate-subsystem-csr.sh new file mode 100755 index 0000000..73f2cdb --- /dev/null +++ b/scripts/nssdb-generate-subsystem-csr.sh @@ -0,0 +1,21 @@ +#!/bin/sh + +certutil -R \ + -d nssdb \ + -h internal \ + -f nssdb/password.txt \ + -z nssdb/noise.bin \ + -s "CN=Subsystem Certificate,OU=pki-tomcat,O=EXAMPLE" \ + -o subsystem.csr.der + +openssl req -inform der -in subsystem.csr.der -out subsystem.csr + +#BtoA subsystem.csr.der subsystem.csr.pem +#echo "-----BEGIN NEW CERTIFICATE REQUEST-----" > subsystem.csr +#cat subsystem.csr.pem >> subsystem.csr +#echo "-----END NEW CERTIFICATE REQUEST-----" >> subsystem.csr + +rm subsystem.csr.der +#rm subsystem.csr.pem + +openssl req -text -noout -in subsystem.csr diff --git a/scripts/nssdb-init.sh b/scripts/nssdb-init.sh new file mode 100755 index 0000000..eb9d94e --- /dev/null +++ b/scripts/nssdb-init.sh @@ -0,0 +1,7 @@ +#!/bin/sh + +rm -rf nssdb +mkdir -p nssdb +echo Secret123 > password.internal +certutil -N -d nssdb -f password.internal +openssl rand -out noise.bin 2048 |