X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=doc%2Fscripts%2FgenerateKeys.sh;h=80bbf8954b2014af47719bae1888648f99a3cd88;hb=d5a4ff0e2905ee4f3481a1b28ca5ec94d7da38dc;hp=26a01ce30aac7df9e610f4e2e0f3fb650ca57283;hpb=d1d65cf8d10e92d7ef3ab5812a145925bd8e63d1;p=gigi.git

diff --git a/doc/scripts/generateKeys.sh b/doc/scripts/generateKeys.sh
index 26a01ce3..80bbf895 100755
--- a/doc/scripts/generateKeys.sh
+++ b/doc/scripts/generateKeys.sh
@@ -1,7 +1,33 @@
 #!/bin/sh
-# this script generates a simple self-signed keypair
+# this script generates a set of sample keys
 
-openssl genrsa -out jetty.key 4096
-openssl req -new -key jetty.key -out jetty.csr -subj "/CN=localhost" -config selfsign.config
-openssl x509 -req -days 365 -in jetty.csr -signkey jetty.key -out jetty.crt
-openssl pkcs12 -inkey jetty.key -in jetty.crt -export -passout pass: -out ../../config/keystore.pkcs12
+rm -Rf *.csr *.crt *.key *.pkcs12 testca
+
+openssl genrsa -out testca.key 4096
+openssl req -new -key testca.key -out testca.csr -subj "/CN=local cacert-gigi testCA" -config selfsign.config
+openssl x509 -req -days 365 -in testca.csr -signkey testca.key -out testca.crt
+
+mkdir testca
+mkdir testca/newcerts
+echo 01 > testca/serial
+touch testca/db
+echo unique_subject = no >testca/db.attr
+
+genserver(){
+
+openssl genrsa -out $1.key 4096
+openssl req -new -key $1.key -out $1.csr -subj "/CN=$1.cacert.local" -config selfsign.config
+openssl ca -cert testca.crt -keyfile testca.key -in $1.csr -out $1.crt -days 356 -batch -config selfsign.config
+
+openssl pkcs12 -inkey $1.key -in $1.crt -name $1 -export -passout pass:changeit -out $1.pkcs12
+
+keytool -importkeystore -noprompt -srckeystore $1.pkcs12 -destkeystore ../../config/keystore.pkcs12 -srcstoretype pkcs12 -deststoretype pkcs12 -srcstorepass "changeit" -deststorepass "changeit"
+
+}
+
+genserver www
+genserver secure
+genserver static
+genserver api
+
+keytool -list -keystore ../../config/keystore.pkcs12 -storetype pkcs12 -storepass "changeit"