From 31d847ed8562bc6169fd8c33af93302d67ab074e Mon Sep 17 00:00:00 2001
From: Instrumental <jcgmisc@stl.gathman.org>
Date: Mon, 26 Mar 2018 14:17:19 -0700
Subject: AT&T 2.0.19 Code drop, stage 6

Issue-ID: AAF-197
Change-Id: I77f26db1f34bea217888faaa28d4dc79f6edb804
Signed-off-by: Instrumental <jcgmisc@stl.gathman.org>
---
 conf/CA/README.txt | 38 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)
 create mode 100644 conf/CA/README.txt

(limited to 'conf/CA/README.txt')

diff --git a/conf/CA/README.txt b/conf/CA/README.txt
new file mode 100644
index 00000000..0fd261f2
--- /dev/null
+++ b/conf/CA/README.txt
@@ -0,0 +1,38 @@
+#
+# NOTE: This README is "bash" capable.  bash README.txt
+#
+# create simple but reasonable directory structure
+mkdir -p private certs newcerts
+chmod 700 private
+chmod 755 certs newcerts
+touch index.txt
+echo '01' > serial
+
+echo "IMPORTANT: If for any reason, you kill this process, type 'stty sane'"
+echo "Enter the PassPhrase for your Key: "
+`stty -echo`
+#read PASSPHRASE
+PASSPHRASE=HunkyDoryDickoryDock
+`stty echo`
+
+# Create a regaular rsa encrypted key
+openssl genrsa -aes256 -out private/ca.ekey -passout stdin 4096 << EOF
+$PASSPHRASE
+EOF
+
+# Move to a Java readable time, not this one is NOT Encrypted.
+openssl pkcs8 -in private/ca.ekey -topk8 -nocrypt -out private/ca.key -passin stdin << EOF
+$PASSPHRASE
+EOF
+chmod 400 private/ca.key private/ca.ekey
+
+# Generate a CA Certificate
+openssl req -config openssl.conf \
+      -key private/ca.key \
+      -new -x509 -days 7300 -sha256 -extensions v3_ca \
+      -out certs/ca.crt << EOF
+$PASSPHRASE
+EOF
+
+# All done, print result
+openssl x509 -text -noout -in certs/ca.crt
-- 
cgit 1.2.3-korg