Missing Licenses

[aaf/authz.git] / conf / CA / newIntermediate.sh

diff --git a/conf/CA/newIntermediate.sh b/conf/CA/newIntermediate.sh
index 88b524b..ebd23ee 100644 (file)
--- a/conf/CA/newIntermediate.sh
+++ b/conf/CA/newIntermediate.sh
@@ -1,10 +1,30 @@
+#!/bin/bash
+#########
+#  ============LICENSE_START====================================================
+#  org.onap.aaf
+#  ===========================================================================
+#  Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
+#  ===========================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#  ============LICENSE_END====================================================
+#
 #
 # Initialize an Intermediate CA Cert.  
 #
   if [ -e intermediate.serial ]; then
     ((SERIAL=`cat intermediate.serial` + 1))
   else
-    SERIAL=1
+    SERIAL=$(date +%s)
   fi
   echo $SERIAL > intermediate.serial
 DIR=intermediate_$SERIAL
@@ -13,6 +33,8 @@ mkdir -p $DIR/private $DIR/certs $DIR/newcerts
 chmod 700 $DIR/private
 chmod 755 $DIR/certs $DIR/newcerts
 touch $DIR/index.txt
+echo "unique_subject = no" > $DIR/index.txt.attr
+
 if [ ! -e $DIR/serial ]; then
   echo '01' > $DIR/serial
 fi
@@ -39,18 +61,18 @@ echo $SUBJECT
 $PASSPHRASE
 EOF
 
-  chmod 400 $DIR/private/$CN.key 
+  chmod 400 $DIR/private/ca.key
   openssl req -verify -text -noout -in $DIR/$CN.csr
 
   # Sign it
   openssl ca -config openssl.conf -extensions v3_intermediate_ca \
-     -cert certs/ca.crt -keyfile private/ca.key -out $DIR/certs/ca.crt \
+       -days 1826 \
+  -cert certs/ca.crt -keyfile private/ca.key -out $DIR/certs/ca.crt \
        -infiles $DIR/$CN.csr
 
-    openssl x509 -text -noout -in $DIR/certs/ca.crt
-
+   openssl x509 -text -noout -in $DIR/certs/ca.crt
 
-     openssl verify -CAfile certs/ca.crt $DIR/certs/ca.crt
+   openssl verify -CAfile certs/ca.crt $DIR/certs/ca.crt
 
 
 # Create a Signer p12 script