Quick and dirty CA with bash and dialog

This is my quick shell script wrapper using dialog to create a new signed key with my own CA.

#!/bin/bash
 
set -e
 
hostname=`dialog --stdout --clear --inputbox "hostname (pl: www.tricon.hu)" 8 50`
hostmaster=`dialog --stdout --clear --inputbox "hostmaster e-mail (pl: hostmaster@tricon.hu)" 8 50`
 
cp reqtemplate_openssl.cnf reqs/$hostname.req.openssl.conf
rpl "|HOSTNAME|" "$hostname" reqs/$hostname.req.openssl.conf
rpl "|HOSTMASTER|" "$hostmaster" reqs/$hostname.req.openssl.conf
 
openssl req -new -nodes -out reqs/$hostname.req.pem -keyout keys/$hostname.key.pem -config reqs/$hostname.req.openssl.conf
openssl ca -out certs/$hostname.cert.pem -config ./openssl.cnf -infiles reqs/$hostname.req.pem
 
echo "Kesz, ezt a ket fajlt kell hasznalnod:"
echo "keys/$hostname.key.pem"
echo "certs/$hostname.cert.pem"
echo ""
echo "A CA cert a cacert.pem fajlban van, ezt kell telepiteni a kliensekben"
echo ""
echo "Az /etc/CA konyvtarban es alkonyvtaraiban fajlokat torolni, atnevezni TILOS!"

contents of reqtemplate_openssl.cnf follows:

#
# OpenSSL configuration file.
#

[ req ]
default_bits            = 1024                  # Size of keys
default_md              = md5                   # message digest algorithm
default_keyfile		= keys/|HOSTNAME|.key.pem
string_mask             = nombstr               # permitted characters
distinguished_name      = req_distinguished_name
req_extensions          = v3_req
prompt			= no

[ req_distinguished_name ]
countryName                     = HU
stateOrProvinceName             = Budapest
localityName                    = Budapest
organizationName                = TRICON
organizationalUnitName          = |HOSTNAME|
commonName                      = |HOSTNAME|
emailAddress                    = |HOSTMASTER|

[ v3_req ]
basicConstraints        = CA:FALSE
subjectKeyIdentifier    = hash

Linkbacks

Use the following URL for manually sending trackbacks: http://rigo.info/lib/plugins/linkback/exe/trackback.php/en:blog:quick_and_dirty_ca_with_bash_and_dialog
en/blog/quick_and_dirty_ca_with_bash_and_dialog.txt · Utolsó módosítás: 2009-04-14 00:00 (külső szerkesztés)
CC Attribution-Noncommercial-Share Alike 4.0 International
www.chimeric.de Valid CSS Driven by DokuWiki do yourself a favour and use a real browser - get firefox!! Recent changes RSS feed Valid XHTML 1.0