X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=conf%2FCA%2Fmanual.sh;fp=conf%2FCA%2Fmanual.sh;h=bb891759a2599811677d367655ecf3d6558af7a7;hb=31d847ed8562bc6169fd8c33af93302d67ab074e;hp=0000000000000000000000000000000000000000;hpb=0ed473b17619d749bbdf56ad17199e71fb04c2be;p=aaf%2Fauthz.git

diff --git a/conf/CA/manual.sh b/conf/CA/manual.sh
new file mode 100644
index 00000000..bb891759
--- /dev/null
+++ b/conf/CA/manual.sh
@@ -0,0 +1,55 @@
+#
+# Initialize a manual Cert.  This is NOT entered in Certman Records
+#
+echo "FQI (Fully Qualified Identity): "
+read FQI
+if [ "$1" = "" -o "$1" = "-local" ]; then 
+  echo "Personal Certificate"
+  SUBJECT="/CN=$FQI/OU=V1`cat subject.aaf`"
+else 
+  echo "Application Certificate"
+  SUBJECT="/CN=$1/OU=$FQI`cat subject.aaf`"
+  FQI=$1
+  shift
+fi
+echo $SUBJECT
+
+if [ -e $FQI.csr ]; then
+  SIGN_IT=true
+else 
+  if [ "$1" = "-local" ]; then
+	echo "IMPORTANT: If for any reason, you kill this process, type 'stty sane'"
+	echo "Enter the PassPhrase for the Key for $FQI: "
+	`stty -echo`
+	read PASSPHRASE
+	`stty echo`
+ 
+	# remove any previous Private key
+	rm private/$FQI.key
+	# Create j regaular rsa encrypted key
+	openssl req -new -newkey rsa:2048 -sha256 -keyout private/$FQI.key \
+	  -out $FQI.csr -outform PEM -subj "$SUBJECT" \
+	  -passout stdin  << EOF
+$PASSPHRASE
+EOF
+	chmod 400 private/$FQI.key 
+	SIGN_IT=true
+  else 
+	echo openssl req -newkey rsa:4096 -sha256 -keyout $FQI.key -out $FQI.csr -outform PEM -subj '"'$SUBJECT'"'
+	echo chmod 400 $FQI.key
+	echo "# All done, print result"
+	echo openssl req -verify -text -noout -in $FQI.csr
+  fi
+fi
+
+if [ "$SIGN_IT" = "true" ]; then
+  # Sign it
+  openssl ca -config ../openssl.conf -extensions server_cert -out $FQI.crt \
+	-cert certs/ca.crt -keyfile private/ca.key \
+	 -policy policy_loose \
+	-infiles $FQI.csr
+fi
+
+
+
+