aboutsummaryrefslogtreecommitdiff
path: root/easy-rsa/1.0/build-key
diff options
context:
space:
mode:
authorjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2005-09-26 07:40:02 +0000
committerjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2005-09-26 07:40:02 +0000
commit3c7f2f553be4b3ba9412c1b3f64a258c469d78f4 (patch)
tree9d58836b0f1eade372de7ce15c41d6555d55ef21 /easy-rsa/1.0/build-key
parentThis is the start of the BETA21 branch. (diff)
downloadopenvpn-3c7f2f553be4b3ba9412c1b3f64a258c469d78f4.tar.xz
version 2.1_beta1
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@581 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to '')
-rwxr-xr-xeasy-rsa/1.0/build-key20
-rwxr-xr-xeasy-rsa/1.0/build-key-pass20
-rwxr-xr-xeasy-rsa/1.0/build-key-pkcs1221
-rwxr-xr-xeasy-rsa/1.0/build-key-server22
4 files changed, 83 insertions, 0 deletions
diff --git a/easy-rsa/1.0/build-key b/easy-rsa/1.0/build-key
new file mode 100755
index 0000000..3159d2b
--- /dev/null
+++ b/easy-rsa/1.0/build-key
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+#
+# Make a certificate/private key pair using a locally generated
+# root certificate.
+#
+
+if test $# -ne 1; then
+ echo "usage: build-key <name>";
+ exit 1
+fi
+
+if test $KEY_DIR; then
+ cd $KEY_DIR && \
+ openssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -config $KEY_CONFIG && \
+ openssl ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG && \
+ chmod 0600 $1.key
+else
+ echo you must define KEY_DIR
+fi
diff --git a/easy-rsa/1.0/build-key-pass b/easy-rsa/1.0/build-key-pass
new file mode 100755
index 0000000..03ab304
--- /dev/null
+++ b/easy-rsa/1.0/build-key-pass
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+#
+# Similar to build-key, but protect the private key
+# with a password.
+#
+
+if test $# -ne 1; then
+ echo "usage: build-key-pass <name>";
+ exit 1
+fi
+
+if test $KEY_DIR; then
+ cd $KEY_DIR && \
+ openssl req -days 3650 -new -keyout $1.key -out $1.csr -config $KEY_CONFIG && \
+ openssl ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG && \
+ chmod 0600 $1.key
+else
+ echo you must define KEY_DIR
+fi
diff --git a/easy-rsa/1.0/build-key-pkcs12 b/easy-rsa/1.0/build-key-pkcs12
new file mode 100755
index 0000000..f8a057b
--- /dev/null
+++ b/easy-rsa/1.0/build-key-pkcs12
@@ -0,0 +1,21 @@
+#!/bin/sh
+
+#
+# Make a certificate/private key pair using a locally generated
+# root certificate and convert it to a PKCS #12 file including the
+# the CA certificate as well.
+
+if test $# -ne 1; then
+ echo "usage: build-key-pkcs12 <name>";
+ exit 1
+fi
+
+if test $KEY_DIR; then
+ cd $KEY_DIR && \
+ openssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -config $KEY_CONFIG && \
+ openssl ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG && \
+ openssl pkcs12 -export -inkey $1.key -in $1.crt -certfile ca.crt -out $1.p12 && \
+ chmod 0600 $1.key $1.p12
+else
+ echo you must define KEY_DIR
+fi
diff --git a/easy-rsa/1.0/build-key-server b/easy-rsa/1.0/build-key-server
new file mode 100755
index 0000000..30dc41e
--- /dev/null
+++ b/easy-rsa/1.0/build-key-server
@@ -0,0 +1,22 @@
+#!/bin/sh
+
+#
+# Make a certificate/private key pair using a locally generated
+# root certificate.
+#
+# Explicitly set nsCertType to server using the "server"
+# extension in the openssl.cnf file.
+
+if test $# -ne 1; then
+ echo "usage: build-key-server <name>";
+ exit 1
+fi
+
+if test $KEY_DIR; then
+ cd $KEY_DIR && \
+ openssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -extensions server -config $KEY_CONFIG && \
+ openssl ca -days 3650 -out $1.crt -in $1.csr -extensions server -config $KEY_CONFIG && \
+ chmod 0600 $1.key
+else
+ echo you must define KEY_DIR
+fi