xaizek / rocketgit (License: AGPLv3+) (since 2018-12-09)
Light and fast Git hosting solution suitable to serve both as a hub or as a personal code storage with its tickets, pull requests, API and much more.
<root> / tests / ca.sh (3a8ff3c66001689b202d938de8b4ef72b3471bdd) (1,159B) (mode 100755) [raw]

ID=`date +%s`

set -e

# Generates a CA

if [ -z "${1}" ]; then
	echo "Usage: ca.sh name_of_the_ca"
	exit 1


mkdir -p "ca/${1}"
cd "ca/${1}"

mkdir -p certs private csr

if [ ! -r private/cakey.pem ]; then
	echo "Creating CA key..."
	openssl genrsa -out private/cakey.pem 2048

if [ ! -r certs/cacert.pem ]; then
	echo "Generating cert..."
	openssl req -new -x509 \
		-days 3650 \
		-extensions v3_ca \
		-key private/cakey.pem \
		-out certs/cacert.pem \
		-subj "/C=XX/ST=XXX/L=XXX/O=XXX-${ID}/CN=ca.example.com"

for i in localhost client; do
	if [ ! -r private/${i}.key ]; then
		echo "Generating ${i} key..."
		openssl genrsa -out private/${i}.key 2048

	if [ ! -r csr/${i}.csr ]; then
		echo "Generating ${i} csr..."
		openssl req -new -key private/${i}.key -out csr/${i}.csr \
			-subj "/C=XX/ST=XXX/L=XXX/O=XXX-${ID}/CN=${i}"

	if [ ! -r certs/${i}.pem ]; then
		echo "Generating ${i} cert..."
		openssl x509 -req -in csr/${i}.csr \
			-CA certs/cacert.pem \
			-CAkey private/cakey.pem \
			-CAcreateserial \
			-days 500 \
			-out certs/${i}.pem

chmod -R 0600 private

echo "CA_SH_OK"

