Subversion Repositories sysadmin_scripts

Rev

Rev 185 | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log | RSS feed

Rev 185 Rev 187
Line 99... Line 99...
99
   open CNF, ">$extFile" or die "Could not write to $extFile: $!\n";
99
   open CNF, ">$extFile" or die "Could not write to $extFile: $!\n";
100
   print CNF join( "\n", @newLines ) . "\n";
100
   print CNF join( "\n", @newLines ) . "\n";
101
   close CNF;
101
   close CNF;
102
}
102
}
103
 
103
 
104
die;
-
 
105
 
-
 
106
# Create an rsa key into $DOMAIN.key
104
# Create an rsa key into $DOMAIN.key
107
`openssl genpkey -algorithm RSA -out $keyFile -pkeyopt rsa_keygen_bits:2048`;
105
`openssl genpkey -algorithm RSA -out $keyFile -pkeyopt rsa_keygen_bits:2048` unless -f $keyFile;
108
# create a signing request, using $DOMAIN.ext for all the DN stuff saved in $DOMAIN.csr
106
# create a signing request, using $DOMAIN.ext for all the DN stuff saved in $DOMAIN.csr
109
`openssl req -config $extFile -key $keyFile -new -out $csrFile`;
107
`openssl req -config $extFile -key $keyFile -new -out $csrFile` unless -f $csrFile;
110
# generate the actual crt file as $DOMAIN.crt, using the csr and ext file
108
# generate the actual crt file as $DOMAIN.crt, using the csr and ext file
111
`openssl x509 -req -in $csrFile -CA $caCRT -CAkey $caKey -CAcreateserial -out $crtFile -days $certDays -extensions req_ext -extfile $extFile`;
109
`openssl x509 -req -in $csrFile -CA $caCRT -CAkey $caKey -CAcreateserial -out $crtFile -days $certDays -extensions req_ext -extfile $extFile`;
112
 
110
 
113
print "key and crt created. Use the following command to view the certificate\nopenssl x509 -in $crtFile -text -noout\n";
111
print "key and crt created. Use the following command to view the certificate\nopenssl x509 -in $crtFile -text -noout\n";
114
print "and the following to view CSR\nopenssl req -in $csrFile -text -noout\n";
112
print "and the following to view CSR\nopenssl req -in $csrFile -text -noout\n";