| Line 88... |
Line 88... |
| 88 |
}
|
88 |
}
|
| 89 |
|
89 |
|
| 90 |
# Create an rsa key into $DOMAIN.key
|
90 |
# Create an rsa key into $DOMAIN.key
|
| 91 |
`openssl genpkey -algorithm RSA -out $serverCertDir$DOMAIN.key -pkeyopt rsa_keygen_bits:2048`;
|
91 |
`openssl genpkey -algorithm RSA -out $serverCertDir$DOMAIN.key -pkeyopt rsa_keygen_bits:2048`;
|
| 92 |
# create a signing request, using $DOMAIN.ext for all the DN stuff saved in $DOMAIN.csr
|
92 |
# create a signing request, using $DOMAIN.ext for all the DN stuff saved in $DOMAIN.csr
|
| 93 |
`openssl req -config openssl.cnf -key $serverCertDir$DOMAIN.key -new -out $serverCertDir$DOMAIN.csr`;
|
93 |
`openssl req -config $configFile -key $serverCertDir$DOMAIN.key -new -out $serverCertDir$DOMAIN.csr`;
|
| 94 |
# generate the actual crt file as $DOMAIN.crt, using the csr and ext file
|
94 |
# generate the actual crt file as $DOMAIN.crt, using the csr and ext file
|
| 95 |
`openssl x509 -req -in $serverCertDir$DOMAIN.csr -CA $caCRT -CAkey $caKey -CAcreateserial -out $serverCertDir$DOMAIN.crt -days $certDays -extensions req_ext -extfile $serverCertDir$DOMAIN.ext`;
|
95 |
`openssl x509 -req -in $serverCertDir$DOMAIN.csr -CA $caCRT -CAkey $caKey -CAcreateserial -out $serverCertDir$DOMAIN.crt -days $certDays -extensions req_ext -extfile $serverCertDir$DOMAIN.ext`;
|
| 96 |
|
96 |
|
| 97 |
print "key and crt created. Use the following command to view the certificate\nopenssl x509 -in $DOMAIN.crt -text -noout\n";
|
97 |
print "key and crt created. Use the following command to view the certificate\nopenssl x509 -in $DOMAIN.crt -text -noout\n";
|
| 98 |
1;
|
98 |
1;
|