From: Instrumental
Date: Tue, 5 Jun 2018 09:03:49 +0000 (-0500)
Subject: Create 5 year Intermediate Certificate
X-Git-Tag: v2.1.1~4
X-Git-Url: https://gerrit.onap.org/r/gitweb?p=aaf%2Fauthz.git;a=commitdiff_plain;h=8601af6961266538a0dd39e36a90a7cd483df029
Create 5 year Intermediate Certificate
Issue-ID: AAF-346
Change-Id: Ifb48c81dfd3c3f603d74f20ff309ef99ce6f1eca
Signed-off-by: Instrumental
---
diff --git a/conf/CA/intermediate.sh b/conf/CA/intermediate.sh
deleted file mode 100644
index b2071504..00000000
--- a/conf/CA/intermediate.sh
+++ /dev/null
@@ -1,57 +0,0 @@
-#
-# Initialize a manual Cert. This is NOT entered in Certman Records
-#
- if [ -e intermediate.serial ]; then
- ((SERIAL=`cat intermediate.serial` + 1))
- else
- SERIAL=1
- fi
- echo $SERIAL > intermediate.serial
-DIR=intermediate_$SERIAL
-
-mkdir -p $DIR/private $DIR/certs $DIR/newcerts
-chmod 700 $DIR/private
-chmod 755 $DIR/certs $DIR/newcerts
-touch $DIR/index.txt
-if [ ! -e $DIR/serial ]; then
- echo '01' > $DIR/serial
-fi
-cp manual.sh p12.sh subject.aaf $DIR
-
-if [ "$1" == "" ]; then
- CN=intermediateCA_$SERIAL
-else
- CN=$1
-fi
-
-SUBJECT="/CN=$CN`cat subject.aaf`"
-echo $SUBJECT
- echo "IMPORTANT: If for any reason, you kill this process, type 'stty sane'"
- echo "Enter the PassPhrase for the Key for $CN: "
- `stty -echo`
- read PASSPHRASE
- `stty echo`
-
- # Create a regaular rsa encrypted key
- openssl req -new -newkey rsa:4096 -sha256 -keyout $DIR/private/ca.key \
- -out $DIR/$CN.csr -outform PEM -subj "$SUBJECT" \
- -passout stdin << EOF
-$PASSPHRASE
-EOF
-
- chmod 400 $DIR/private/$CN.key
- openssl req -verify -text -noout -in $DIR/$CN.csr
-
- # Sign it
- openssl ca -config openssl.conf -extensions v3_intermediate_ca \
- -cert certs/ca.crt -keyfile private/ca.key -out $DIR/certs/ca.crt \
- -infiles $DIR/$CN.csr
-
- openssl x509 -text -noout -in $DIR/certs/ca.crt
-
-
- openssl verify -CAfile certs/ca.crt $DIR/certs/ca.crt
-
-
-
-
diff --git a/conf/CA/newIntermediate.sh b/conf/CA/newIntermediate.sh
index 88b524b9..94103051 100644
--- a/conf/CA/newIntermediate.sh
+++ b/conf/CA/newIntermediate.sh
@@ -44,7 +44,8 @@ EOF
 # Sign it
 openssl ca -config openssl.conf -extensions v3_intermediate_ca \
- -cert certs/ca.crt -keyfile private/ca.key -out $DIR/certs/ca.crt \
+ -days 1826 \
+ -cert certs/ca.crt -keyfile private/ca.key -out $DIR/certs/ca.crt \
 -infiles $DIR/$CN.csr
 openssl x509 -text -noout -in $DIR/certs/ca.crt
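Review bot: The added `-days 1826` on the `openssl ca` call is an unexplained literal, and nothing visible in the hunk checks that the signing certificate `certs/ca.crt` itself remains valid that long. An intermediate whose notAfter outlives its issuer stops validating once the issuer expires. I would add a comment above the call, `# 1826 days = 5 years (5*365 + 1 leap day); overrides any default_days set in openssl.conf`, and guard the signing step with `openssl x509 -checkend $((1826*86400)) -noout -in certs/ca.crt || exit 1`. A five-year intermediate also raises the stakes for the key passphrase and for having a working revocation path, so those deserve a mention in the script header. The script continues above and below this hunk, so an equivalent check may already exist outside the visible lines.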