sbaildon · April 24, 2017 22:12
diff --git a/bash.sh b/bash.sh
 #!/usr/bin/env bash -ex

 SERVER_CN=localhost
 USERNAME=Admin

 WORKSPACE=/tmp/certs
 CA_DIR=${WORKSPACE}/authority
 SERVER_DIR=${WORKSPACE}/${SERVER_CN}
 USER_DIR=${WORKSPACE}/admin

 rm -rf ${WORKSPACE}

 # Cert Authority
 mkdir -p ${CA_DIR}
 openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout ${CA_DIR}/rootCA.key -out ${CA_DIR}/rootCA.crt -subj "/C=GB/O=Example/OU=Dev/CN=CA" -passin pass:password
 keytool -import -keystore ${CA_DIR}/truststore.jks -file ${CA_DIR}/rootCA.crt -alias rootCA -storepass password -noprompt

 # Server now
 mkdir -p  ${SERVER_DIR}
 openssl req -out ${SERVER_DIR}/${SERVER_CN}.csr -newkey rsa:2048 -nodes -keyout ${SERVER_DIR}/${SERVER_CN}.key -subj "/C=GB/O=Example/OU=Dev/CN=${SERVER_CN}" -passin pass:password
 openssl x509 -req -days 360 -in ${SERVER_DIR}/${SERVER_CN}.csr -CA ${CA_DIR}/rootCA.crt -CAkey ${CA_DIR}/rootCA.key -CAcreateserial -out ${SERVER_DIR}/${SERVER_CN}.crt
 openssl pkcs12 -export -out ${SERVER_DIR}/${SERVER_CN}.p12 -inkey ${SERVER_DIR}/${SERVER_CN}.key -in ${SERVER_DIR}/${SERVER_CN}.crt -certfile ${CA_DIR}/rootCA.crt -passout pass:password

 # User
 mkdir -p ${USER_DIR}
 openssl req -out ${USER_DIR}/${USERNAME}.csr -newkey rsa:2048 -nodes -keyout ${USER_DIR}/${USERNAME}.key -subj "/C=GB/O=Example/OU=Dev/CN=${USERNAME}" -passin pass:password
 openssl x509 -req -days 360 -in ${USER_DIR}/${USERNAME}.csr -CA ${CA_DIR}/rootCA.crt -CAkey ${CA_DIR}/rootCA.key -CAcreateserial -out ${USER_DIR}/${USERNAME}.crt
 openssl pkcs12 -export -out ${USER_DIR}/${USERNAME}.p12 -inkey ${USER_DIR}/${USERNAME}.key -in ${USER_DIR}/${USERNAME}.crt -certfile ${CA_DIR}/rootCA.crt -passout pass:password
	#!/usr/bin/env bash -ex

	SERVER_CN=localhost
	USERNAME=Admin

	WORKSPACE=/tmp/certs
	CA_DIR=${WORKSPACE}/authority
	SERVER_DIR=${WORKSPACE}/${SERVER_CN}
	USER_DIR=${WORKSPACE}/admin

	rm -rf ${WORKSPACE}

	# Cert Authority
	mkdir -p ${CA_DIR}
	openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout ${CA_DIR}/rootCA.key -out ${CA_DIR}/rootCA.crt -subj "/C=GB/O=Example/OU=Dev/CN=CA" -passin pass:password
	keytool -import -keystore ${CA_DIR}/truststore.jks -file ${CA_DIR}/rootCA.crt -alias rootCA -storepass password -noprompt

	# Server now
	mkdir -p ${SERVER_DIR}
	openssl req -out ${SERVER_DIR}/${SERVER_CN}.csr -newkey rsa:2048 -nodes -keyout ${SERVER_DIR}/${SERVER_CN}.key -subj "/C=GB/O=Example/OU=Dev/CN=${SERVER_CN}" -passin pass:password
	openssl x509 -req -days 360 -in ${SERVER_DIR}/${SERVER_CN}.csr -CA ${CA_DIR}/rootCA.crt -CAkey ${CA_DIR}/rootCA.key -CAcreateserial -out ${SERVER_DIR}/${SERVER_CN}.crt
	openssl pkcs12 -export -out ${SERVER_DIR}/${SERVER_CN}.p12 -inkey ${SERVER_DIR}/${SERVER_CN}.key -in ${SERVER_DIR}/${SERVER_CN}.crt -certfile ${CA_DIR}/rootCA.crt -passout pass:password

	# User
	mkdir -p ${USER_DIR}
	openssl req -out ${USER_DIR}/${USERNAME}.csr -newkey rsa:2048 -nodes -keyout ${USER_DIR}/${USERNAME}.key -subj "/C=GB/O=Example/OU=Dev/CN=${USERNAME}" -passin pass:password
	openssl x509 -req -days 360 -in ${USER_DIR}/${USERNAME}.csr -CA ${CA_DIR}/rootCA.crt -CAkey ${CA_DIR}/rootCA.key -CAcreateserial -out ${USER_DIR}/${USERNAME}.crt
	openssl pkcs12 -export -out ${USER_DIR}/${USERNAME}.p12 -inkey ${USER_DIR}/${USERNAME}.key -in ${USER_DIR}/${USERNAME}.crt -certfile ${CA_DIR}/rootCA.crt -passout pass:password