2 # Initialize a manual Cert. This is NOT entered in Certman Records
4 echo "FQI (Fully Qualified Identity): "
6 if [ "$1" = "" -o "$1" = "-local" ]; then
7 echo "Personal Certificate"
8 SUBJECT="/CN=$FQI/OU=V1`cat subject.aaf`"
10 echo "Application Certificate"
11 SUBJECT="/CN=$1/OU=$FQI`cat subject.aaf`"
17 if [ -e $FQI.csr ]; then
20 if [ "$1" = "-local" ]; then
21 echo "IMPORTANT: If for any reason, you kill this process, type 'stty sane'"
22 echo "Enter the PassPhrase for the Key for $FQI: "
27 # remove any previous Private key
29 # Create j regaular rsa encrypted key
30 openssl req -new -newkey rsa:2048 -sha256 -keyout private/$FQI.key \
31 -out $FQI.csr -outform PEM -subj "$SUBJECT" \
35 chmod 400 private/$FQI.key
38 echo openssl req -newkey rsa:4096 -sha256 -keyout $FQI.key -out $FQI.csr -outform PEM -subj '"'$SUBJECT'"'
39 echo chmod 400 $FQI.key
40 echo "# All done, print result"
41 echo openssl req -verify -text -noout -in $FQI.csr
45 if [ "$SIGN_IT" = "true" ]; then
47 openssl ca -config ../openssl.conf -extensions server_cert -out $FQI.crt \
48 -cert certs/ca.crt -keyfile private/ca.key \
49 -policy policy_loose \