author | Instrumental <jonathan.gathman@att.com> | 2018-06-05 04:03:49 -0500 |
---|---|---|
committer | Instrumental <jonathan.gathman@att.com> | 2018-06-05 04:04:08 -0500 |
commit | 8601af6961266538a0dd39e36a90a7cd483df029 (patch) | |
tree | 43d7f312294b146d62d322641e7716008493fb15 | |
parent | fb319cb5dbe50fc606844c0cae866529ae0b25f2 (diff) |
Create 5 year Intermediate Certificate
Issue-ID: AAF-346
Change-Id: Ifb48c81dfd3c3f603d74f20ff309ef99ce6f1eca
Signed-off-by: Instrumental <jonathan.gathman@att.com>
-rw-r--r-- | conf/CA/intermediate.sh | 57 | ||||
-rw-r--r-- | conf/CA/newIntermediate.sh | 3 |
2 files changed, 2 insertions, 58 deletions
diff --git a/conf/CA/intermediate.sh b/conf/CA/intermediate.sh
deleted file mode 100644
index b2071504..00000000
--- a/conf/CA/intermediate.sh
+++ /dev/null
@@ -1,57 +0,0 @@
-#
-# Initialize a manual Cert. This is NOT entered in Certman Records
-#
- if [ -e intermediate.serial ]; then
- ((SERIAL=`cat intermediate.serial` + 1))
- else
- SERIAL=1
- fi
- echo $SERIAL > intermediate.serial
-DIR=intermediate_$SERIAL
-
-mkdir -p $DIR/private $DIR/certs $DIR/newcerts
-chmod 700 $DIR/private
-chmod 755 $DIR/certs $DIR/newcerts
-touch $DIR/index.txt
-if [ ! -e $DIR/serial ]; then
- echo '01' > $DIR/serial
-fi
-cp manual.sh p12.sh subject.aaf $DIR
-
-if [ "$1" == "" ]; then
- CN=intermediateCA_$SERIAL
-else
- CN=$1
-fi
-
-SUBJECT="/CN=$CN`cat subject.aaf`"
-echo $SUBJECT
- echo "IMPORTANT: If for any reason, you kill this process, type 'stty sane'"
- echo "Enter the PassPhrase for the Key for $CN: "
- `stty -echo`
- read PASSPHRASE
- `stty echo`
-
- # Create a regaular rsa encrypted key
- openssl req -new -newkey rsa:4096 -sha256 -keyout $DIR/private/ca.key \
- -out $DIR/$CN.csr -outform PEM -subj "$SUBJECT" \
- -passout stdin << EOF
-$PASSPHRASE
-EOF
-
- chmod 400 $DIR/private/$CN.key
- openssl req -verify -text -noout -in $DIR/$CN.csr
-
- # Sign it
- openssl ca -config openssl.conf -extensions v3_intermediate_ca \
- -cert certs/ca.crt -keyfile private/ca.key -out $DIR/certs/ca.crt \
- -infiles $DIR/$CN.csr
-
- openssl x509 -text -noout -in $DIR/certs/ca.crt
-
-
- openssl verify -CAfile certs/ca.crt $DIR/certs/ca.crt
-
-
-
-
diff --git a/conf/CA/newIntermediate.sh b/conf/CA/newIntermediate.sh
index 88b524b9..94103051 100644
--- a/conf/CA/newIntermediate.sh
+++ b/conf/CA/newIntermediate.sh
@@ -44,7 +44,8 @@ EOF # Sign it openssl ca -config openssl.conf -extensions v3_intermediate_ca \ - -cert certs/ca.crt -keyfile private/ca.key -out $DIR/certs/ca.crt \ + -days 1826 \ + -cert certs/ca.crt -keyfile private/ca.key -out $DIR/certs/ca.crt \ -infiles $DIR/$CN.csr openssl x509 -text -noout -in $DIR/certs/ca.crt |
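Review bot: The added `-days 1826` on the `openssl ca` call is an unexplained literal; a comment under "# Sign it" such as `# 1826 days = 5 years (5*365 + 1 leap day)` would record why it is not 1825 and make the intended lifetime auditable. Separately, as far as I know `openssl ca` does not compare the requested validity with the signing certificate's own expiry, so if the root in `certs/ca.crt` has fewer than five years left the intermediate would outlive its issuer and chains would stop validating when the root expires. Confirming the root's end date before signing, e.g. `openssl x509 -enddate -noout -in certs/ca.crt`, would catch that. The rest of newIntermediate.sh lies outside this hunk, so whether a default lifetime is also set in `openssl.conf` cannot be seen from here.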