|
Nikos Mavrogiannopoulos |
18c47c8 |
#!/bin/sh
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
#generate CA certificate/key
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
if test ! -f /etc/pki/ocserv/private/ca.key;then
|
|
Nikos Mavrogiannopoulos |
236cc58 |
mkdir -p /etc/pki/ocserv/private
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
certtool --generate-privkey --outfile /etc/pki/ocserv/private/ca.key >/dev/null 2>&1
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
echo "cn=`hostname -f` CA" >/etc/pki/ocserv/ca.tmpl
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
echo "expiration_days=-1" >>/etc/pki/ocserv/ca.tmpl
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
echo "serial=1" >>/etc/pki/ocserv/ca.tmpl
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
echo "ca" >>/etc/pki/ocserv/ca.tmpl
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
echo "cert_signing_key" >>/etc/pki/ocserv/ca.tmpl
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
certtool --template /etc/pki/ocserv/ca.tmpl \
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
--generate-self-signed --load-privkey /etc/pki/ocserv/private/ca.key \
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
--outfile /etc/pki/ocserv/cacerts/ca.crt >/dev/null 2>&1
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
#rm -f /etc/pki/ocserv/ca.tmpl
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
fi
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
#generate server certificate/key
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
if test ! -f /etc/pki/ocserv/private/server.key;then
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
certtool --generate-privkey --outfile /etc/pki/ocserv/private/server.key >/dev/null 2>&1
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
echo "cn=`hostname -f`" >/etc/pki/ocserv/server.tmpl
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
echo "serial=2" >>/etc/pki/ocserv/server.tmpl
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
echo "expiration_days=-1" >>/etc/pki/ocserv/server.tmpl
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
echo "signing_key" >>/etc/pki/ocserv/server.tmpl
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
echo "encryption_key" >>/etc/pki/ocserv/server.tmpl
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
certtool --template /etc/pki/ocserv/server.tmpl \
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
--generate-certificate --load-privkey /etc/pki/ocserv/private/server.key \
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
--load-ca-certificate /etc/pki/ocserv/cacerts/ca.crt --load-ca-privkey \
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
/etc/pki/ocserv/private/ca.key --outfile /etc/pki/ocserv/public/server.crt >/dev/null 2>&1
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
#rm -f /etc/pki/ocserv/server.tmpl
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
fi
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
|
|
Nikos Mavrogiannopoulos |
18c47c8 |
exit 0
|