| Line 99... |
Line 99... |
| 99 |
open CNF, ">$extFile" or die "Could not write to $extFile: $!\n";
|
99 |
open CNF, ">$extFile" or die "Could not write to $extFile: $!\n";
|
| 100 |
print CNF join( "\n", @newLines ) . "\n";
|
100 |
print CNF join( "\n", @newLines ) . "\n";
|
| 101 |
close CNF;
|
101 |
close CNF;
|
| 102 |
}
|
102 |
}
|
| 103 |
|
103 |
|
| 104 |
die;
|
- |
|
| 105 |
|
- |
|
| 106 |
# Create an rsa key into $DOMAIN.key
|
104 |
# Create an rsa key into $DOMAIN.key
|
| 107 |
`openssl genpkey -algorithm RSA -out $keyFile -pkeyopt rsa_keygen_bits:2048`;
|
105 |
`openssl genpkey -algorithm RSA -out $keyFile -pkeyopt rsa_keygen_bits:2048` unless -f $keyFile;
|
| 108 |
# create a signing request, using $DOMAIN.ext for all the DN stuff saved in $DOMAIN.csr
|
106 |
# create a signing request, using $DOMAIN.ext for all the DN stuff saved in $DOMAIN.csr
|
| 109 |
`openssl req -config $extFile -key $keyFile -new -out $csrFile`;
|
107 |
`openssl req -config $extFile -key $keyFile -new -out $csrFile` unless -f $csrFile;
|
| 110 |
# generate the actual crt file as $DOMAIN.crt, using the csr and ext file
|
108 |
# generate the actual crt file as $DOMAIN.crt, using the csr and ext file
|
| 111 |
`openssl x509 -req -in $csrFile -CA $caCRT -CAkey $caKey -CAcreateserial -out $crtFile -days $certDays -extensions req_ext -extfile $extFile`;
|
109 |
`openssl x509 -req -in $csrFile -CA $caCRT -CAkey $caKey -CAcreateserial -out $crtFile -days $certDays -extensions req_ext -extfile $extFile`;
|
| 112 |
|
110 |
|
| 113 |
print "key and crt created. Use the following command to view the certificate\nopenssl x509 -in $crtFile -text -noout\n";
|
111 |
print "key and crt created. Use the following command to view the certificate\nopenssl x509 -in $crtFile -text -noout\n";
|
| 114 |
print "and the following to view CSR\nopenssl req -in $csrFile -text -noout\n";
|
112 |
print "and the following to view CSR\nopenssl req -in $csrFile -text -noout\n";
|