oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

gen ec-cert

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24654 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2009-02-07 15:13:19 +00:00
parent 929121644a
commit 9d14f64819
1 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
lib/hx509/data/gen-req.sh
View File

@@ -5,15 +5,16 @@
# otherName section for pkinit certificates.
#
openssl=$HOME/src/openssl/openssl-0.9.8e/apps/openssl
openssl=openssl
gen_cert()
{
keytype=${6:-rsa:1024}
${openssl} req \
-new \
-subj "$1" \
-config openssl.cnf \
-newkey rsa:1024 \
-newkey $keytype \
-sha1 \
-nodes \
-keyout out.key \
@@ -78,6 +79,8 @@ gen_cert "/CN=Revoke cert/C=SE" "ca" "revoke" "usr"
gen_cert "/CN=Test cert KeyEncipherment/C=SE" "ca" "test-ke-only" "usr_ke"
gen_cert "/CN=Test cert DigitalSignature/C=SE" "ca" "test-ds-only" "usr_ds"
gen_cert "/CN=pkinit/C=SE" "ca" "pkinit" "pkinit_client"
$openssl ecparam -name secp256r1 -out eccurve.pem
gen_cert "/CN=pkinit-ec/C=SE" "ca" "pkinit" "pkinit_client" "XXX" ec:eccurve.pem
gen_cert "/C=SE/CN=pkinit/CN=pkinit-proxy" "pkinit" "proxy" "proxy_cert" pkinit-proxy
gen_cert "/CN=kdc/C=SE" "ca" "kdc" "pkinit_kdc"
gen_cert "/CN=www.test.h5l.se/C=SE" "ca" "https" "https"