try () {
echo "$@"
- $@ || exit 1
-}
-
-generate_key_command () {
- case "$1" in
- rsa)
- echo genrsa
- ;;
- *)
- exit 1
- esac
+ "$@" || exit 1
}
try rm -rf out
try mkdir out
echo Create the serial number and index files.
-try echo 1 > out/B-serial
+try /bin/sh -c "echo 01 > out/B-serial"
try touch out/B-index.txt
echo Generate the keys.
echo Generate the B CSR.
CA_COMMON_NAME="B Root CA" \
- CA_DIR=out \
- CA_NAME=req_env_dn \
- KEY_SIZE=2048 \
- ALGO=rsa \
- CERT_TYPE=root \
- TYPE=B CERTIFICATE=B \
+ CERTIFICATE=B \
try openssl req \
-new \
-key out/B.key \
echo B signs itself.
CA_COMMON_NAME="B Root CA" \
- CA_DIR=out \
- CA_NAME=req_env_dn \
try openssl x509 \
-req -days 3650 \
-in out/B.csr \
echo B signs A1.
CA_COMMON_NAME="B CA" \
- CA_DIR=out \
- CA_NAME=req_env_dn \
- KEY_SIZE=2048 \
- ALGO=sha1 \
- CERT_TYPE=intermediate \
- TYPE=B CERTIFICATE=B \
+ CERTIFICATE=B \
try openssl ca \
-batch \
-extensions user_cert \
echo B signs A2.
CA_COMMON_NAME="B CA" \
- CA_DIR=out \
- CA_NAME=req_env_dn \
- KEY_SIZE=2048 \
- ALGO=sha1 \
- CERT_TYPE=intermediate \
- TYPE=B CERTIFICATE=B \
+ CERTIFICATE=B \
try openssl ca \
-batch \
-extensions user_cert \
-out ../certificates/duplicate_cn_2.p12 \
-passout pass:chrome
-cp out/A1.pem ../certificates/duplicate_cn_1.pem
-cp out/A2.pem ../certificates/duplicate_cn_2.pem
+try cp out/A1.pem ../certificates/duplicate_cn_1.pem
+try cp out/A2.pem ../certificates/duplicate_cn_2.pem