projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
GH355: Implement HKDF
[openssl.git]
/
util
/
mkcerts.sh
diff --git
a/util/mkcerts.sh
b/util/mkcerts.sh
index 5f8a1dae73954386a5579992aac2d969353f3858..e4a9892467d0acff2c6cc1a4210652c108e46f19 100755
(executable)
--- a/
util/mkcerts.sh
+++ b/
util/mkcerts.sh
@@
-1,4
+1,4
@@
-#!bin/sh
+#!
/
bin/sh
# This script will re-make all the required certs.
# cd apps
# This script will re-make all the required certs.
# cd apps
@@
-12,13
+12,13
@@
#
CAbits=1024
#
CAbits=1024
-SSLEAY="../apps/
ssleay
"
-CONF="-config ../apps/
ssleay
.cnf"
+SSLEAY="../apps/
openssl
"
+CONF="-config ../apps/
openssl
.cnf"
# create pca request.
echo creating $CAbits bit PCA cert request
$SSLEAY req $CONF \
# create pca request.
echo creating $CAbits bit PCA cert request
$SSLEAY req $CONF \
- -new -
md5
-newkey $CAbits \
+ -new -
sha256
-newkey $CAbits \
-keyout pca-key.pem \
-out pca-req.pem -nodes >/dev/null <<EOF
AU
-keyout pca-key.pem \
-out pca-req.pem -nodes >/dev/null <<EOF
AU
@@
-40,7
+40,7
@@
fi
#sign it.
echo
echo self signing PCA
#sign it.
echo
echo self signing PCA
-$SSLEAY x509 -
md5 -days 1461
\
+$SSLEAY x509 -
sha256 -days 36525
\
-req -signkey pca-key.pem \
-CAcreateserial -CAserial pca-cert.srl \
-in pca-req.pem -out pca-cert.pem
-req -signkey pca-key.pem \
-CAcreateserial -CAserial pca-cert.srl \
-in pca-req.pem -out pca-cert.pem
@@
-54,7
+54,7
@@
echo
# create ca request.
echo creating $CAbits bit CA cert request
$SSLEAY req $CONF \
# create ca request.
echo creating $CAbits bit CA cert request
$SSLEAY req $CONF \
- -new -
md5
-newkey $CAbits \
+ -new -
sha256
-newkey $CAbits \
-keyout ca-key.pem \
-out ca-req.pem -nodes >/dev/null <<EOF
AU
-keyout ca-key.pem \
-out ca-req.pem -nodes >/dev/null <<EOF
AU
@@
-76,7
+76,7
@@
fi
#sign it.
echo
echo signing CA
#sign it.
echo
echo signing CA
-$SSLEAY x509 -
md5 -days 1461
\
+$SSLEAY x509 -
sha256 -days 36525
\
-req \
-CAcreateserial -CAserial pca-cert.srl \
-CA pca-cert.pem -CAkey pca-key.pem \
-req \
-CAcreateserial -CAserial pca-cert.srl \
-CA pca-cert.pem -CAkey pca-key.pem \
@@
-91,7
+91,7
@@
echo
# create server request.
echo creating 512 bit server cert request
$SSLEAY req $CONF \
# create server request.
echo creating 512 bit server cert request
$SSLEAY req $CONF \
- -new -
md5
-newkey 512 \
+ -new -
sha256
-newkey 512 \
-keyout s512-key.pem \
-out s512-req.pem -nodes >/dev/null <<EOF
AU
-keyout s512-key.pem \
-out s512-req.pem -nodes >/dev/null <<EOF
AU
@@
-113,7
+113,7
@@
fi
#sign it.
echo
echo signing 512 bit server cert
#sign it.
echo
echo signing 512 bit server cert
-$SSLEAY x509 -
md5 -days 36
5 \
+$SSLEAY x509 -
sha256 -days 3652
5 \
-req \
-CAcreateserial -CAserial ca-cert.srl \
-CA ca-cert.pem -CAkey ca-key.pem \
-req \
-CAcreateserial -CAserial ca-cert.srl \
-CA ca-cert.pem -CAkey ca-key.pem \
@@
-128,7
+128,7
@@
echo
# create 1024 bit server request.
echo creating 1024 bit server cert request
$SSLEAY req $CONF \
# create 1024 bit server request.
echo creating 1024 bit server cert request
$SSLEAY req $CONF \
- -new -
md5
-newkey 1024 \
+ -new -
sha256
-newkey 1024 \
-keyout s1024key.pem \
-out s1024req.pem -nodes >/dev/null <<EOF
AU
-keyout s1024key.pem \
-out s1024req.pem -nodes >/dev/null <<EOF
AU
@@
-150,7
+150,7
@@
fi
#sign it.
echo
echo signing 1024 bit server cert
#sign it.
echo
echo signing 1024 bit server cert
-$SSLEAY x509 -
md5 -days 36
5 \
+$SSLEAY x509 -
sha256 -days 3652
5 \
-req \
-CAcreateserial -CAserial ca-cert.srl \
-CA ca-cert.pem -CAkey ca-key.pem \
-req \
-CAcreateserial -CAserial ca-cert.srl \
-CA ca-cert.pem -CAkey ca-key.pem \
@@
-165,7
+165,7
@@
echo
# create 512 bit client request.
echo creating 512 bit client cert request
$SSLEAY req $CONF \
# create 512 bit client request.
echo creating 512 bit client cert request
$SSLEAY req $CONF \
- -new -
md5
-newkey 512 \
+ -new -
sha256
-newkey 512 \
-keyout c512-key.pem \
-out c512-req.pem -nodes >/dev/null <<EOF
AU
-keyout c512-key.pem \
-out c512-req.pem -nodes >/dev/null <<EOF
AU
@@
-187,7
+187,7
@@
fi
#sign it.
echo
echo signing 512 bit client cert
#sign it.
echo
echo signing 512 bit client cert
-$SSLEAY x509 -
md5 -days 36
5 \
+$SSLEAY x509 -
sha256 -days 3652
5 \
-req \
-CAcreateserial -CAserial ca-cert.srl \
-CA ca-cert.pem -CAkey ca-key.pem \
-req \
-CAcreateserial -CAserial ca-cert.srl \
-CA ca-cert.pem -CAkey ca-key.pem \