summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorInstrumental <jonathan.gathman@att.com>2018-06-05 04:03:49 -0500
committerInstrumental <jonathan.gathman@att.com>2018-06-05 04:04:08 -0500
commit8601af6961266538a0dd39e36a90a7cd483df029 (patch)
tree43d7f312294b146d62d322641e7716008493fb15
parentfb319cb5dbe50fc606844c0cae866529ae0b25f2 (diff)
Create 5 year Intermediate Certificate
Issue-ID: AAF-346 Change-Id: Ifb48c81dfd3c3f603d74f20ff309ef99ce6f1eca Signed-off-by: Instrumental <jonathan.gathman@att.com>
-rw-r--r--conf/CA/intermediate.sh57
-rw-r--r--conf/CA/newIntermediate.sh3
2 files changed, 2 insertions, 58 deletions
diff --git a/conf/CA/intermediate.sh b/conf/CA/intermediate.sh
deleted file mode 100644
index b2071504..00000000
--- a/conf/CA/intermediate.sh
+++ /dev/null
@@ -1,57 +0,0 @@
-#
-# Initialize a manual Cert. This is NOT entered in Certman Records
-#
- if [ -e intermediate.serial ]; then
- ((SERIAL=`cat intermediate.serial` + 1))
- else
- SERIAL=1
- fi
- echo $SERIAL > intermediate.serial
-DIR=intermediate_$SERIAL
-
-mkdir -p $DIR/private $DIR/certs $DIR/newcerts
-chmod 700 $DIR/private
-chmod 755 $DIR/certs $DIR/newcerts
-touch $DIR/index.txt
-if [ ! -e $DIR/serial ]; then
- echo '01' > $DIR/serial
-fi
-cp manual.sh p12.sh subject.aaf $DIR
-
-if [ "$1" == "" ]; then
- CN=intermediateCA_$SERIAL
-else
- CN=$1
-fi
-
-SUBJECT="/CN=$CN`cat subject.aaf`"
-echo $SUBJECT
- echo "IMPORTANT: If for any reason, you kill this process, type 'stty sane'"
- echo "Enter the PassPhrase for the Key for $CN: "
- `stty -echo`
- read PASSPHRASE
- `stty echo`
-
- # Create a regaular rsa encrypted key
- openssl req -new -newkey rsa:4096 -sha256 -keyout $DIR/private/ca.key \
- -out $DIR/$CN.csr -outform PEM -subj "$SUBJECT" \
- -passout stdin << EOF
-$PASSPHRASE
-EOF
-
- chmod 400 $DIR/private/$CN.key
- openssl req -verify -text -noout -in $DIR/$CN.csr
-
- # Sign it
- openssl ca -config openssl.conf -extensions v3_intermediate_ca \
- -cert certs/ca.crt -keyfile private/ca.key -out $DIR/certs/ca.crt \
- -infiles $DIR/$CN.csr
-
- openssl x509 -text -noout -in $DIR/certs/ca.crt
-
-
- openssl verify -CAfile certs/ca.crt $DIR/certs/ca.crt
-
-
-
-
diff --git a/conf/CA/newIntermediate.sh b/conf/CA/newIntermediate.sh
index 88b524b9..94103051 100644
--- a/conf/CA/newIntermediate.sh
+++ b/conf/CA/newIntermediate.sh
@@ -44,7 +44,8 @@ EOF
# Sign it
openssl ca -config openssl.conf -extensions v3_intermediate_ca \
- -cert certs/ca.crt -keyfile private/ca.key -out $DIR/certs/ca.crt \
+ -days 1826 \
+ -cert certs/ca.crt -keyfile private/ca.key -out $DIR/certs/ca.crt \
-infiles $DIR/$CN.csr
openssl x509 -text -noout -in $DIR/certs/ca.crt