rsacertgen.sh

来自「开源的ssl算法openssl,版本0.9.8H」· Shell 代码 · 共 122 行

122 行

#!/bin/sh# For a list of supported curves, use "apps/openssl ecparam -list_curves".# Path to the openssl distributionOPENSSL_DIR=../..# Path to the openssl programOPENSSL_CMD=$OPENSSL_DIR/apps/openssl# Option to find configuration fileOPENSSL_CNF="-config $OPENSSL_DIR/apps/openssl.cnf"# Directory where certificates are storedCERTS_DIR=./Certs# Directory where private key files are storedKEYS_DIR=$CERTS_DIR# Directory where combo files (containing a certificate and corresponding# private key together) are storedCOMBO_DIR=$CERTS_DIR# cat commandCAT=/bin/cat# rm commandRM=/bin/rm# mkdir commandMKDIR=/bin/mkdir# The certificate will expire these many days after the issue date.DAYS=1500TEST_CA_FILE=rsa1024TestCATEST_CA_DN="/C=US/ST=CA/L=Mountain View/O=Sun Microsystems, Inc./OU=Sun Microsystems Laboratories/CN=Test CA (1024 bit RSA)"TEST_SERVER_FILE=rsa1024TestServerTEST_SERVER_DN="/C=US/ST=CA/L=Mountain View/O=Sun Microsystems, Inc./OU=Sun Microsystems Laboratories/CN=Test Server (1024 bit RSA)"TEST_CLIENT_FILE=rsa1024TestClientTEST_CLIENT_DN="/C=US/ST=CA/L=Mountain View/O=Sun Microsystems, Inc./OU=Sun Microsystems Laboratories/CN=Test Client (1024 bit RSA)"# Generating an EC certificate involves the following main steps# 1. Generating curve parameters (if needed)# 2. Generating a certificate request# 3. Signing the certificate request # 4. [Optional] One can combine the cert and private key into a single#    file and also delete the certificate request$MKDIR -p $CERTS_DIR$MKDIR -p $KEYS_DIR$MKDIR -p $COMBO_DIRecho "Generating self-signed CA certificate (RSA)"echo "==========================================="$OPENSSL_CMD req $OPENSSL_CNF -nodes -subj "$TEST_CA_DN" \    -keyout $KEYS_DIR/$TEST_CA_FILE.key.pem \    -newkey rsa:1024 -new \    -out $CERTS_DIR/$TEST_CA_FILE.req.pem$OPENSSL_CMD x509 -req -days $DAYS \    -in $CERTS_DIR/$TEST_CA_FILE.req.pem \    -extfile $OPENSSL_DIR/apps/openssl.cnf \    -extensions v3_ca \    -signkey $KEYS_DIR/$TEST_CA_FILE.key.pem \    -out $CERTS_DIR/$TEST_CA_FILE.cert.pem# Display the certificate$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_CA_FILE.cert.pem -text# Place the certificate and key in a common file$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_CA_FILE.cert.pem -issuer -subject \	 > $COMBO_DIR/$TEST_CA_FILE.pem$CAT $KEYS_DIR/$TEST_CA_FILE.key.pem >> $COMBO_DIR/$TEST_CA_FILE.pem# Remove the cert request file (no longer needed)$RM $CERTS_DIR/$TEST_CA_FILE.req.pemecho "GENERATING A TEST SERVER CERTIFICATE (RSA)"echo "=========================================="$OPENSSL_CMD req $OPENSSL_CNF -nodes -subj "$TEST_SERVER_DN" \    -keyout $KEYS_DIR/$TEST_SERVER_FILE.key.pem \    -newkey rsa:1024 -new \    -out $CERTS_DIR/$TEST_SERVER_FILE.req.pem$OPENSSL_CMD x509 -req -days $DAYS \    -in $CERTS_DIR/$TEST_SERVER_FILE.req.pem \    -CA $CERTS_DIR/$TEST_CA_FILE.cert.pem \    -CAkey $KEYS_DIR/$TEST_CA_FILE.key.pem \    -out $CERTS_DIR/$TEST_SERVER_FILE.cert.pem -CAcreateserial# Display the certificate $OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_SERVER_FILE.cert.pem -text# Place the certificate and key in a common file$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_SERVER_FILE.cert.pem -issuer -subject \	 > $COMBO_DIR/$TEST_SERVER_FILE.pem$CAT $KEYS_DIR/$TEST_SERVER_FILE.key.pem >> $COMBO_DIR/$TEST_SERVER_FILE.pem# Remove the cert request file (no longer needed)$RM $CERTS_DIR/$TEST_SERVER_FILE.req.pemecho "GENERATING A TEST CLIENT CERTIFICATE (RSA)"echo "=========================================="$OPENSSL_CMD req $OPENSSL_CNF -nodes -subj "$TEST_CLIENT_DN" \	     -keyout $KEYS_DIR/$TEST_CLIENT_FILE.key.pem \	     -newkey rsa:1024 -new \	     -out $CERTS_DIR/$TEST_CLIENT_FILE.req.pem$OPENSSL_CMD x509 -req -days $DAYS \    -in $CERTS_DIR/$TEST_CLIENT_FILE.req.pem \    -CA $CERTS_DIR/$TEST_CA_FILE.cert.pem \    -CAkey $KEYS_DIR/$TEST_CA_FILE.key.pem \    -out $CERTS_DIR/$TEST_CLIENT_FILE.cert.pem -CAcreateserial# Display the certificate $OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_CLIENT_FILE.cert.pem -text# Place the certificate and key in a common file$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_CLIENT_FILE.cert.pem -issuer -subject \	 > $COMBO_DIR/$TEST_CLIENT_FILE.pem$CAT $KEYS_DIR/$TEST_CLIENT_FILE.key.pem >> $COMBO_DIR/$TEST_CLIENT_FILE.pem# Remove the cert request file (no longer needed)$RM $CERTS_DIR/$TEST_CLIENT_FILE.req.pem

rsacertgen.sh - 源码说明

本页面展示了「开源的ssl算法openssl,版本0.9.8H」中的 rsacertgen.sh 源码文件，采用 Shell 编程语言编写，共 122 行代码。您可以在线阅读完整代码内容，也可以返回资源详情页下载完整源码包进行本地学习和开发。

虫虫下载站收录了大量与openssl相关的技术资源，包括源代码、技术文档、电路图等，是电子工程师和嵌入式开发者的专业学习平台。

⌨️ 快捷键说明

复制代码Ctrl + C

搜索代码Ctrl + F

全屏模式F11

增大字号Ctrl + =

减小字号Ctrl + -

显示快捷键?