37 lines
1.4 KiB
Plaintext
37 lines
1.4 KiB
Plaintext
|
#!/bin/bash -eu
|
||
|
|
||
|
##############################################################################
|
||
|
#
|
||
|
# Generate Certificates for PyDTLS Unit Testing
|
||
|
#
|
||
|
# This script is invoked manually (as opposed to by the unit test suite), in
|
||
|
# order to generate certain certificates that are required to be valid by
|
||
|
# the unit test suite.
|
||
|
#
|
||
|
# This script is not portable: it has been tested on Ubuntu 13.04 only. New
|
||
|
# certificates are written into the current directory.
|
||
|
#
|
||
|
# Copyright 2014 Ray Brown
|
||
|
#
|
||
|
##############################################################################
|
||
|
|
||
|
DIR=`dirname "$0"`
|
||
|
|
||
|
# Generate self-signed certificate for the certificate authority
|
||
|
echo Generating CA...; echo
|
||
|
openssl req -config "$DIR/openssl_ca.cnf" -x509 -newkey rsa -nodes -keyout tmp_ca.key -out ca-cert.pem -days 3650
|
||
|
|
||
|
# Generate a certificate request
|
||
|
echo Generating certificate request...; echo
|
||
|
openssl req -config "$DIR/openssl_server.cnf" -newkey rsa -nodes -keyout tmp_server.key -out tmp_server.req
|
||
|
|
||
|
# Sign the request with the certificate authority's certificate created above
|
||
|
echo Signing certificate request...; echo
|
||
|
openssl x509 -req -in tmp_server.req -CA ca-cert.pem -CAkey tmp_ca.key -CAcreateserial -days 3650 -out server-cert.pem
|
||
|
|
||
|
# Build pem file with private and public keys, ready for unprompted server use
|
||
|
cat tmp_server.key server-cert.pem > keycert.pem
|
||
|
|
||
|
# Clean up
|
||
|
rm tmp_ca.key tmp_server.key tmp_server.req ca-cert.srl
|