Created
August 6, 2012 11:21
-
-
Save mindscratch/3273683 to your computer and use it in GitHub Desktop.
Generate certificates (useful for testing), taken from: https://github.com/jnunemaker/httparty/blob/582e36b27fa0721c55fb79066caf4c9cdb298b1e/spec/fixtures/ssl/generate.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| set -e | |
| if [ -d "generated" ] ; then | |
| echo >&2 "error: 'generated' directory already exists. Delete it first." | |
| exit 1 | |
| fi | |
| mkdir generated | |
| # Generate the CA private key and certificate | |
| openssl req -batch -subj '/CN=INSECURE Test Certificate Authority' -newkey rsa:1024 -new -x509 -days 999999 -keyout generated/ca.key -nodes -out generated/ca.crt | |
| # Create symlinks for ssl_ca_path | |
| c_rehash generated | |
| # Generate the server private key and self-signed certificate | |
| openssl req -batch -subj '/CN=localhost' -newkey rsa:1024 -new -x509 -days 999999 -keyout generated/server.key -nodes -out generated/selfsigned.crt | |
| # Generate certificate signing request with bogus hostname | |
| openssl req -batch -subj '/CN=bogo' -new -days 999999 -key generated/server.key -nodes -out generated/bogushost.csr | |
| # Sign the certificate requests | |
| openssl x509 -CA generated/ca.crt -CAkey generated/ca.key -set_serial 1 -in generated/selfsigned.crt -out generated/server.crt -clrext -extfile openssl-exts.cnf -extensions cert | |
| openssl x509 -req -CA generated/ca.crt -CAkey generated/ca.key -set_serial 1 -in generated/bogushost.csr -out generated/bogushost.crt -clrext -extfile openssl-exts.cnf -extensions cert | |
| # Remove certificate signing requests | |
| rm -f generated/*.csr | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment