2 # Initialize a manual Cert. This is NOT entered in Certman Records
4 echo "FQI (Fully Qualified Identity): "
6 if [ "$1" = "" -o "$1" = "-local" ]; then
7 echo "Personal Certificate"
8 SUBJECT="/CN=$FQI/OU=V1`cat subject.aaf`"
11 echo "Application Certificate"
12 SUBJECT="/CN=$1/OU=$FQI`cat subject.aaf`"
19 if [ -e $FQI.csr ]; then
22 if [ "$1" = "-local" ]; then
23 echo "IMPORTANT: If for any reason, you kill this process, type 'stty sane'"
24 echo "Enter the PassPhrase for the Key for $FQI: "
29 # remove any previous Private key
31 # Create j regaular rsa encrypted key
32 openssl req -new -newkey rsa:2048 -sha256 -keyout private/$NAME.key \
33 -out $NAME.csr -outform PEM -subj "$SUBJECT" \
37 chmod 400 private/$NAME.key
40 echo openssl req -newkey rsa:2048 -sha256 -keyout $NAME.key -out $NAME.csr -outform PEM -subj '"'$SUBJECT'"'
41 echo chmod 400 $NAME.key
42 echo "# All done, print result"
43 echo openssl req -verify -text -noout -in $NAME.csr
47 if [ "$SIGN_IT" = "true" ]; then
49 openssl ca -config ../openssl.conf -extensions server_cert -out $NAME.crt \
50 -cert certs/ca.crt -keyfile private/ca.key \
51 -policy policy_loose \