openssl req -new -key $1.key -out $1.csr -subj "$2"
caSign $1 $year/ca/env_${year}_1 "$3" "${year}${points[1]}" "$((${year} + 2))${points[1]}"
- TZ=UTC LD_PRELOAD=/usr/lib/x86_64-linux-gnu/faketime/libfaketime.so.1 FAKETIME="${year}-01-01 00:00:00" openssl pkcs12 -inkey $1.key -in $1.crt -CAfile env.chain.crt -chain -name $1 -export -passout pass:changeit -out $1.pkcs12
+ TZ=UTC LD_PRELOAD=/usr/lib/x86_64-linux-gnu/faketime/libfaketime.so.1 FAKETIME="${year}-01-01 00:00:00" openssl pkcs12 -inkey $1.key -in $1.crt -CAfile env.chain.crt -chain -name $1 -export -passout pass:changeit -out $1.pkcs12 -name "$4"
}
# generate environment-keys specific to gigi.
# first the server keys
-genserver $year/keys/www "/CN=www.${DOMAIN}" req.cnf
-genserver $year/keys/secure "/CN=secure.${DOMAIN}" req.cnf
-genserver $year/keys/static "/CN=static.${DOMAIN}" req.cnf
-genserver $year/keys/api "/CN=api.${DOMAIN}" req.cnf
+genserver $year/keys/www "/CN=www.${DOMAIN}" req.cnf www
+genserver $year/keys/secure "/CN=secure.${DOMAIN}" req.cnf secure
+genserver $year/keys/static "/CN=static.${DOMAIN}" req.cnf static
+genserver $year/keys/api "/CN=api.${DOMAIN}" req.cnf api
# then the email signing key
-genserver $year/keys/mail "/emailAddress=support@${DOMAIN}" reqMail.cnf
+genserver $year/keys/mail "/emailAddress=support@${DOMAIN}" reqMail.cnf mail
# then environment-keys for cassiopeia
-genserver $year/keys/signer_client "/CN=CAcert signer handler 1" reqClient.cnf
-genserver $year/keys/signer_server "/CN=CAcert signer 1" req.cnf
+genserver $year/keys/signer_client "/CN=CAcert signer handler 1" reqClient.cnf signer_client
+genserver $year/keys/signer_server "/CN=CAcert signer 1" req.cnf signer_server
rm req.cnf reqMail.cnf reqClient.cnf
+
rm env.chain.crt
projects / nre.git / commitdiff