aboutsummaryrefslogtreecommitdiffstats
path: root/certs/Makefile
diff options
context:
space:
mode:
Diffstat (limited to 'certs/Makefile')
-rw-r--r--certs/Makefile111
1 files changed, 0 insertions, 111 deletions
diff --git a/certs/Makefile b/certs/Makefile
deleted file mode 100644
index de797a53..00000000
--- a/certs/Makefile
+++ /dev/null
@@ -1,111 +0,0 @@
-all: step_1 step_2 step_3 step_4 step_5 step_6 step_7 step_8 step_9 step_10 step_11 step_12 step_13 step_14 step_15
-.PHONY: all
-#Clear certificates
-clear:
- @echo "Clear certificates"
- rm certServiceClient-keystore.jks certServiceServer-keystore.jks root.crt truststore.jks certServiceServer-keystore.p12
- @echo "#####done#####"
-
-#Generate root private and public keys
-step_1:
- @echo "Generate root private and public keys"
- keytool -genkeypair -v -alias root -keyalg RSA -keysize 4096 -validity 3650 -keystore root-keystore.jks \
- -dname "CN=onap.org, OU=ONAP, O=Linux-Foundation, L=San-Francisco, ST=California, C=US" -keypass secret \
- -storepass secret -ext BasicConstraints:critical="ca:true"
- @echo "#####done#####"
-
-#Export public key as certificate
-step_2:
- @echo "(Export public key as certificate)"
- keytool -exportcert -alias root -keystore root-keystore.jks -storepass secret -file root.crt -rfc
- @echo "#####done#####"
-
-#Self-signed root (import root certificate into truststore)
-step_3:
- @echo "(Self-signed root (import root certificate into truststore))"
- keytool -importcert -alias root -keystore truststore.jks -file root.crt -storepass secret -noprompt
- @echo "#####done#####"
-
-#Generate certService's client private and public keys
-step_4:
- @echo "Generate certService's client private and public keys"
- keytool -genkeypair -v -alias certServiceClient -keyalg RSA -keysize 2048 -validity 365 \
- -keystore certServiceClient-keystore.jks -storetype JKS \
- -dname "CN=onap.org,OU=ONAP,O=Linux-Foundation,L=San-Francisco,ST=California,C=US" \
- -keypass secret -storepass secret
- @echo "####done####"
-
-#Generate certificate signing request for certService's client
-step_5:
- @echo "Generate certificate signing request for certService's client"
- keytool -certreq -keystore certServiceClient-keystore.jks -alias certServiceClient -storepass secret -file certServiceClient.csr
- @echo "####done####"
-
-#Sign certService's client certificate by root CA
-step_6:
- @echo "Sign certService's client certificate by root CA"
- keytool -gencert -v -validity 365 -keystore root-keystore.jks -storepass secret -alias root \
- -infile certServiceClient.csr -outfile certServiceClientByRoot.crt -rfc -ext bc=0 \
- -ext ExtendedkeyUsage="serverAuth,clientAuth"
- @echo "####done####"
-
-#Import root certificate into client
-step_7:
- @echo "Import root certificate into intermediate"
- cat root.crt >> certServiceClientByRoot.crt
- @echo "####done####"
-
-#Import signed certificate into certService's client
-step_8:
- @echo "Import signed certificate into certService's client"
- keytool -importcert -file certServiceClientByRoot.crt -destkeystore certServiceClient-keystore.jks -alias certServiceClient -storepass secret -noprompt
- @echo "####done####"
-
-#Generate certService private and public keys
-step_9:
- @echo "Generate certService private and public keys"
- keytool -genkeypair -v -alias aaf-cert-service -keyalg RSA -keysize 2048 -validity 365 \
- -keystore certServiceServer-keystore.jks -storetype JKS \
- -dname "CN=onap.org,OU=ONAP,O=Linux-Foundation,L=San-Francisco,ST=California,C=US" \
- -keypass secret -storepass secret -ext BasicConstraints:critical="ca:false"
- @echo "####done####"
-
-#Generate certificate signing request for certService
-step_10:
- @echo "Generate certificate signing request for certService"
- keytool -certreq -keystore certServiceServer-keystore.jks -alias aaf-cert-service -storepass secret -file certServiceServer.csr
- @echo "####done####"
-
-#Sign certService certificate by root CA
-step_11:
- @echo "Sign certService certificate by root CA"
- keytool -gencert -v -validity 365 -keystore root-keystore.jks -storepass secret -alias root \
- -infile certServiceServer.csr -outfile certServiceServerByRoot.crt -rfc -ext bc=0 \
- -ext ExtendedkeyUsage="serverAuth,clientAuth" -ext SubjectAlternativeName:="DNS:aaf-cert-service,DNS:localhost"
- @echo "####done####"
-
-#Import root certificate into server
-step_12:
- @echo "Import root certificate into intermediate(server)"
- cat root.crt >> certServiceServerByRoot.crt
- @echo "####done####"
-
-#Import signed certificate into certService
-step_13:
- @echo "Import signed certificate into certService"
- keytool -importcert -file certServiceServerByRoot.crt -destkeystore certServiceServer-keystore.jks -alias aaf-cert-service \
- -storepass secret -noprompt
- @echo "####done####"
-
-#Convert certServiceServer-keystore(.jks) to PCKS12 format(.p12)
-step_14:
- @echo "Convert certServiceServer-keystore(.jks) to PCKS12 format(.p12)"
- keytool -importkeystore -srckeystore certServiceServer-keystore.jks -srcstorepass secret \
- -destkeystore certServiceServer-keystore.p12 -deststoretype PKCS12 -deststorepass secret
- @echo "#####done#####"
-
-#Clear unused certificates
-step_15:
- @echo "Clear unused certificates"
- rm certServiceClientByRoot.crt certServiceClient.csr root-keystore.jks certServiceServerByRoot.crt certServiceServer.csr
- @echo "#####done#####"