diff options
author | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2005-09-26 07:40:02 +0000 |
---|---|---|
committer | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2005-09-26 07:40:02 +0000 |
commit | 3c7f2f553be4b3ba9412c1b3f64a258c469d78f4 (patch) | |
tree | 9d58836b0f1eade372de7ce15c41d6555d55ef21 /easy-rsa/1.0/build-key | |
parent | This is the start of the BETA21 branch. (diff) | |
download | openvpn-3c7f2f553be4b3ba9412c1b3f64a258c469d78f4.tar.xz |
version 2.1_beta1
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@581 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to '')
-rwxr-xr-x | easy-rsa/1.0/build-key | 20 | ||||
-rwxr-xr-x | easy-rsa/1.0/build-key-pass | 20 | ||||
-rwxr-xr-x | easy-rsa/1.0/build-key-pkcs12 | 21 | ||||
-rwxr-xr-x | easy-rsa/1.0/build-key-server | 22 |
4 files changed, 83 insertions, 0 deletions
diff --git a/easy-rsa/1.0/build-key b/easy-rsa/1.0/build-key new file mode 100755 index 0000000..3159d2b --- /dev/null +++ b/easy-rsa/1.0/build-key @@ -0,0 +1,20 @@ +#!/bin/sh + +# +# Make a certificate/private key pair using a locally generated +# root certificate. +# + +if test $# -ne 1; then + echo "usage: build-key <name>"; + exit 1 +fi + +if test $KEY_DIR; then + cd $KEY_DIR && \ + openssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -config $KEY_CONFIG && \ + openssl ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG && \ + chmod 0600 $1.key +else + echo you must define KEY_DIR +fi diff --git a/easy-rsa/1.0/build-key-pass b/easy-rsa/1.0/build-key-pass new file mode 100755 index 0000000..03ab304 --- /dev/null +++ b/easy-rsa/1.0/build-key-pass @@ -0,0 +1,20 @@ +#!/bin/sh + +# +# Similar to build-key, but protect the private key +# with a password. +# + +if test $# -ne 1; then + echo "usage: build-key-pass <name>"; + exit 1 +fi + +if test $KEY_DIR; then + cd $KEY_DIR && \ + openssl req -days 3650 -new -keyout $1.key -out $1.csr -config $KEY_CONFIG && \ + openssl ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG && \ + chmod 0600 $1.key +else + echo you must define KEY_DIR +fi diff --git a/easy-rsa/1.0/build-key-pkcs12 b/easy-rsa/1.0/build-key-pkcs12 new file mode 100755 index 0000000..f8a057b --- /dev/null +++ b/easy-rsa/1.0/build-key-pkcs12 @@ -0,0 +1,21 @@ +#!/bin/sh + +# +# Make a certificate/private key pair using a locally generated +# root certificate and convert it to a PKCS #12 file including the +# the CA certificate as well. + +if test $# -ne 1; then + echo "usage: build-key-pkcs12 <name>"; + exit 1 +fi + +if test $KEY_DIR; then + cd $KEY_DIR && \ + openssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -config $KEY_CONFIG && \ + openssl ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG && \ + openssl pkcs12 -export -inkey $1.key -in $1.crt -certfile ca.crt -out $1.p12 && \ + chmod 0600 $1.key $1.p12 +else + echo you must define KEY_DIR +fi diff --git a/easy-rsa/1.0/build-key-server b/easy-rsa/1.0/build-key-server new file mode 100755 index 0000000..30dc41e --- /dev/null +++ b/easy-rsa/1.0/build-key-server @@ -0,0 +1,22 @@ +#!/bin/sh + +# +# Make a certificate/private key pair using a locally generated +# root certificate. +# +# Explicitly set nsCertType to server using the "server" +# extension in the openssl.cnf file. + +if test $# -ne 1; then + echo "usage: build-key-server <name>"; + exit 1 +fi + +if test $KEY_DIR; then + cd $KEY_DIR && \ + openssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -extensions server -config $KEY_CONFIG && \ + openssl ca -days 3650 -out $1.crt -in $1.csr -extensions server -config $KEY_CONFIG && \ + chmod 0600 $1.key +else + echo you must define KEY_DIR +fi |