From 35da6fd38581847320abf2ce72e513cde1f73ba6 Mon Sep 17 00:00:00 2001 From: OttoMao Date: Fri, 29 Apr 2016 14:12:19 +0800 Subject: [PATCH] =?UTF-8?q?=E8=B0=83=E6=95=B4rootCA=E7=9A=84=E5=8F=82?= =?UTF-8?q?=E6=95=B0=EF=BC=8C=E8=B0=83=E6=95=B4=E8=BF=87=E6=9C=9F=E6=97=B6?= =?UTF-8?q?=E9=97=B4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cert/gen-cer | 20 ++++++++++---------- cert/gen-rootCA | 2 +- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/cert/gen-cer b/cert/gen-cer index e432036..4deb0b4 100755 --- a/cert/gen-cer +++ b/cert/gen-cer @@ -1,10 +1,10 @@ #!/bin/bash - + #Required domain=$1 outputPath=$2 commonname=$domain - + #Change to your company details country=ZH state=Shanghai @@ -12,20 +12,20 @@ locality=Shanghai organization=a.com organizationalunit=IT email=a@b.com - + #Optional password=a - + if [ -z "$domain" ] then echo "Argument not present." echo "Useage $0 [domain] [outputPath]" - + exit 99 fi - + echo "Generating key request for $outputPath$domain" - + #Generate a key # openssl genrsa -out host.key 2048 # openssl genrsa -des3 -out $outputPath$domain.key 2048 -noout @@ -35,14 +35,14 @@ openssl genrsa -passout pass:$password -out $outputPath$domain.key 2048 #Remove passphrase from the key. Comment the line out to keep the passphrase echo "Removing passphrase from key" openssl rsa -in $outputPath$domain.key -passin pass:$password -out $outputPath$domain.key - + #Create the request echo "Creating CSR" openssl req -sha256 -new -key $outputPath$domain.key -out $outputPath$domain.csr -passin pass:$password \ -subj "/C=$country/ST=$state/L=$locality/O=$organization/OU=$organizationalunit/CN=$commonname/emailAddress=$email" - + #Generating a Self-Signed Certificate -openssl x509 -req -sha256 -days 365 -in $outputPath$domain.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out $outputPath$domain.crt +openssl x509 -req -sha256 -days 3650 -in $outputPath$domain.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out $outputPath$domain.crt # -signkey $outputPath$domain.key #openssl x509 -req -in host.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out host.crt -days 365 echo "Finished" diff --git a/cert/gen-rootCA b/cert/gen-rootCA index 1f196c6..fda566b 100755 --- a/cert/gen-rootCA +++ b/cert/gen-rootCA @@ -3,7 +3,7 @@ outputPath=$1 cd $outputPath openssl genrsa -out rootCA.key 2048 -openssl req -x509 -new -nodes -key rootCA.key -days 36500 -out rootCA.crt \ +openssl req -sha256 -x509 -new -nodes -key rootCA.key -days 36500 -out rootCA.crt \ -subj "/C=CN/ST=SH/L=SH/O=AnyProxy/OU=Section/CN=Anyproxy SSL Proxying/emailAddress=AnyProxy@AnyProxy" echo "=============" echo "rootCA generated at :"