readme

性能优秀的SIP Proxy

Please see and understand the README file from the above directory. It's 
essential in order to use properly these two scripts.
Note that the scripts work only in directory where they are placed.


gen_rootCA.sh - creates the CA root self-signed certificate

May get a single parameter which is a the complete file name containing the CA
configuration. If none is supplied, the default one "ca.conf" will be used 
(this file is also provided - please update it with the relevant info about
your server/domain/company).

IMPORTANT: a private key will be also generated - we will be asked for a
password. REMEMBER the password since you will need it to sign certificates.
Also take care and protect your key file - by default the script changes the
permissions to 0660.

Ex: ./gen_rootCA.sh ca.conf



gen_usercert.sh - creates a server/client certificate: generates a request 
                  which is signed with a CA.

Gets mandatory parameter which is a user name. The "user.conf" must exist and
contain the configuration for the certificate request. All output files will
be placed in a new directory named after the user name.
There is sample of such configuration file provided : user.conf. If you intend
to use it, please update it with the relevant info about your server/domain/
company).

The output directory will contain all the files required for the configuration 
of one OpenSER TLS instance: the private key, the certificate and the CA list.

IMPORTANT: if you intend to use a different CA root then the one generated via
"gen_rootca.sh", please change in "gen_usercert.sh" the "CA_DIR" variable; also
update in the "request.conf" file, the "CA_request" section, all the paths
accordingly.

Ex: ./gen_usercert.sh user