Created
January 18, 2021 14:24
-
-
Save ivarref/15c7ee8ea8d7449398cd2979eafd5d31 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .#!/bin/bash | |
| rm client.crt client.pkcs8 2> /dev/null || true | |
| rm server.crt server.pkcs8 2> /dev/null || true | |
| rm -rf demoCA || true | |
| mkdir -p demoCA/newcerts | |
| touch demoCA/index.txt | |
| set -ex | |
| openssl req -nodes -new -newkey rsa:4096 -keyout server.pkcs8 -sha256 -out req.pem \ | |
| -subj '/C=US/ST=Oregon/L=Portland/O=Company Name/OU=Org/CN=server.example.com' \ | |
| -addext 'subjectAltName=DNS:server.example.com,DNS:server.example.net;IP:127.0.0.1,DNS:localhost' | |
| openssl ca -create_serial -out server.crt -days 3650 -batch -keyfile server.pkcs8 \ | |
| -selfsign -extensions v3_ca -infiles req.pem | |
| openssl req -nodes -new -newkey rsa:4096 -keyout client.pkcs8 -sha256 -out req.pem \ | |
| -subj '/C=US/ST=Oregon/L=Portland/O=Company Name/OU=Org/CN=client.example.com' \ | |
| -addext 'subjectAltName=DNS:client.example.com,DNS:client.example.net;IP:127.0.0.1,DNS:localhost' | |
| openssl ca -out client.crt -days 3650 -batch -keyfile server.pkcs8 -cert server.crt -infiles req.pem | |
| clojure -Sdeps '{:deps {less-awful-ssl/less-awful-ssl {:mvn/version "1.0.6"}}}' \ | |
| -M --report stderr \ | |
| -e '(use (quote less.awful.ssl)) \ | |
| (test-ssl "client.pkcs8" "client.crt" "server.pkcs8" "server.crt" "server.crt") \ | |
| (shutdown-agents)' | |
| echo "Done!" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment