6
echo "* Create certificate ${1}.pem signed by the root CA"
7
echo "* Store the ${1}.pem key file locally with your client/server application"
8
echo "* Enter a secret pass phrase when requested"
9
echo "* The pass phrase is used to access ${1}.pem in your application"
10
echo "* Enter the application's host name as the Common Name when requested"
11
echo "* Enter the root CA pass phrase (Getting CA Private Key) to sign the key file"
12
echo "* The key file will expire after one year or sooner when the root CA expires"
14
# Create a certificate and signing request
16
openssl req -newkey rsa:1024 -sha1 -keyout ${1}key.pem -out ${1}req.pem
18
# Sign the certificate with the root CA
20
openssl x509 -req -in ${1}req.pem -sha1 -extfile openssl.cnf -extensions usr_cert -CA root.pem -CAkey root.pem -CAcreateserial -out ${1}cert.pem -days 365
22
cat ${1}cert.pem ${1}key.pem cacert.pem > ${1}.pem
24
openssl x509 -subject -issuer -dates -noout -in ${1}.pem
28
echo "Usage: cert.sh <certname>"