PKI example for vgisc.com
| bin | ||
| client | ||
| conf | ||
| root-ca | ||
| scripts | ||
| server | ||
| sub-ca | ||
| vgisc.com | ||
| xml | ||
| build-3.3.2.sh | ||
| build.sh | ||
| encrypt_keys.sh | ||
| gen_ca-3.3.2.sh | ||
| gen_clients.sh | ||
| gen_crypto_key_xml.sh | ||
| gen_pki_param_xml.sh | ||
| gen_servers.sh | ||
| git_push.sh | ||
| LICENSE | ||
| readme.md | ||
Simple shell script to create certs (RSA or EC (nistp256r1))
Usage:
./build.sh rsa/ec gen_ca # generate CA keys and certs
./build.sh rsa/ec gen_subca # generate Sub CA keys and certs (implying: gen_ca)
./build.sh rsa/ec server wwww.vgisc.com # generate Server certs with CommonName: www.vgisc.com (implying: gen_subca)
./build.sh rsa/ec client client1 # generate client certs with CommonName: client1 (implying: gen_subca)
./build.sh rsa/ec test_server # generate a test server cert and run openssl s_server on 127.0.0.1:8443
./build.sh rsa/ec test_client # generate a test client cert and run openssl s_client connecting 127.0.0.1:8443
./build.sh verify # verify every cert in ./server/*.crt and ./client/*.crt
./build.sh clean # delete everything, including root-ca and sub-ca dirs
./build.sh help # show this help