summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rwxr-xr-xscripts/testuser-cmc-submit.sh76
-rwxr-xr-xscripts/testuser-crmf-request.sh6
-rwxr-xr-xscripts/testuser-generate.sh11
-rwxr-xr-xscripts/testuser-pkcs10-request.sh5
-rwxr-xr-xscripts/testuser-self-submit.sh75
5 files changed, 173 insertions, 0 deletions
diff --git a/scripts/testuser-cmc-submit.sh b/scripts/testuser-cmc-submit.sh
new file mode 100755
index 0000000..d936bcb
--- /dev/null
+++ b/scripts/testuser-cmc-submit.sh
@@ -0,0 +1,76 @@
+#!/bin/sh
+
+mkdir -p tmp
+
+cat > tmp/testuser-cmc-request.cfg << EOF
+# NSS database directory.
+dbdir=$HOME/.dogtag/nssdb
+
+# NSS database password.
+password=Secret.123
+
+# Token name (default is internal).
+tokenname=internal
+
+# Nickname for agent certificate.
+nickname=caadmin
+
+# Request format: pkcs10 or crmf.
+format=pkcs10
+
+# Total number of PKCS10/CRMF requests.
+numRequests=1
+
+# Path to the PKCS10/CRMF request.
+# The content must be in Base-64 encoded format.
+# Multiple files are supported. They must be separated by space.
+input=tmp/testuser.csr
+
+# Path for the CMC request.
+output=tmp/testuser-cmc-request.bin
+EOF
+
+CMCRequest tmp/testuser-cmc-request.cfg
+
+cat > tmp/testuser-cmc-submit.cfg << EOF
+# PKI server host name.
+host=$HOSTNAME
+
+# PKI server port number.
+port=8443
+
+# Use secure connection.
+# For secure connection with ECC, set environment variable 'export NSS_USE_DECODED_CKA_EC_POINT=1'.
+secure=true
+
+# Use client authentication.
+clientmode=true
+
+# NSS database directory.
+dbdir=$HOME/.dogtag/nssdb
+
+# NSS database password.
+password=Secret.123
+
+# Token name (default: internal).
+tokenname=internal
+
+# Nickname of agent certificate.
+nickname=caadmin
+
+# CMC servlet path
+#servlet=/ca/ee/ca/profileSubmitCMCFull
+#servlet=/ca/ee/ca/profileSubmitCMCFull?profileId=caFullCMCUserSignedCert
+servlet=/ca/ee/ca/profileSubmitCMCFull?profileId=caFullCMCUserCert
+
+# Path for the CMC request.
+input=tmp/testuser-cmc-request.bin
+
+# Path for the CMC response.
+output=tmp/testuser-cmc-response.bin
+EOF
+
+HttpClient tmp/testuser-cmc-submit.cfg
+
+CMCResponse -d ~/.dogtag/nssdb -i tmp/testuser-cmc-response.bin -o tmp/testuser.crt
+
diff --git a/scripts/testuser-crmf-request.sh b/scripts/testuser-crmf-request.sh
new file mode 100755
index 0000000..af27169
--- /dev/null
+++ b/scripts/testuser-crmf-request.sh
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+mkdir -p tmp
+
+pki -c Secret.123 client-cert-request "CN=testuser" --type crmf --profile caSigningUserCert
+
diff --git a/scripts/testuser-generate.sh b/scripts/testuser-generate.sh
new file mode 100755
index 0000000..09d3cdb
--- /dev/null
+++ b/scripts/testuser-generate.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+mkdir -p tmp
+
+PKCS10Client \
+ -d ~/.dogtag/nssdb \
+ -p Secret.123 \
+ -a rsa \
+ -l 1024 \
+ -n "UID=testuser" \
+ -o tmp/testuser.csr
diff --git a/scripts/testuser-pkcs10-request.sh b/scripts/testuser-pkcs10-request.sh
new file mode 100755
index 0000000..69ccf05
--- /dev/null
+++ b/scripts/testuser-pkcs10-request.sh
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+mkdir -p tmp
+
+pki -c Secret.123 client-cert-request "UID=testuser"
diff --git a/scripts/testuser-self-submit.sh b/scripts/testuser-self-submit.sh
new file mode 100755
index 0000000..ffcc21e
--- /dev/null
+++ b/scripts/testuser-self-submit.sh
@@ -0,0 +1,75 @@
+#!/bin/sh
+
+mkdir -p tmp
+
+cat > tmp/testuser-cmc-request.cfg << EOF
+# NSS database directory.
+dbdir=$HOME/.dogtag/nssdb
+
+# NSS database password.
+password=Secret.123
+
+# Token name (default is internal).
+tokenname=internal
+
+# Nickname for agent certificate.
+nickname=caadmin
+
+# Request format: pkcs10 or crmf.
+format=pkcs10
+
+# Total number of PKCS10/CRMF requests.
+numRequests=1
+
+# Path to the PKCS10/CRMF request.
+# The content must be in Base-64 encoded format.
+# Multiple files are supported. They must be separated by space.
+input=tmp/testuser.csr
+
+# Path for the CMC request.
+output=tmp/testuser-cmc-request.bin
+EOF
+
+CMCRequest tmp/testuser-cmc-request.cfg
+
+cat > tmp/testuser-cmc-submit.cfg << EOF
+# PKI server host name.
+host=$HOSTNAME
+
+# PKI server port number.
+port=8443
+
+# Use secure connection.
+# For secure connection with ECC, set environment variable 'export NSS_USE_DECODED_CKA_EC_POINT=1'.
+secure=true
+
+# Use client authentication.
+clientmode=true
+
+# NSS database directory.
+dbdir=$HOME/.dogtag/nssdb
+
+# NSS database password.
+password=Secret.123
+
+# Token name (default: internal).
+tokenname=internal
+
+# Nickname of agent certificate.
+nickname=caadmin
+
+# CMC servlet path
+#servlet=/ca/ee/ca/profileSubmitCMCFull
+servlet=/ca/ee/ca/profileSubmitCMCFull?profileId=caFullCMCUserSignedCert
+
+# Path for the CMC request.
+input=tmp/testuser-cmc-request.bin
+
+# Path for the CMC response.
+output=tmp/testuser-cmc-response.bin
+EOF
+
+HttpClient tmp/testuser-cmc-submit.cfg
+
+CMCResponse -d ~/.dogtag/nssdb -i tmp/testuser-cmc-response.bin -o tmp/testuser.crt
+
generated by cgit (git 2.34.1) at 2024-04-24 23:54:44 +0000