github.com/choria-io/go-choria@v0.28.1-0.20240416190746-b3bf9c7d5a45/providers/security/testdata/intermediate/Makefile

github.com/choria-io/go-choria@v0.28.1-0.20240416190746-b3bf9c7d5a45/providers/security/testdata/intermediate/Makefile (about)

     1  all:
     2  	@rm -f ${PWD}/*.csr ${PWD}/*.pem
     3  	cfssl genkey -initca root.json | cfssljson -bare ca
     4  	cfssl genkey -initca intermediate.json | cfssljson -bare intermediate
     5  	cfssl sign -profile ca-to-root -ca ca.pem -ca-key ca-key.pem -config config.json intermediate.csr | cfssljson -bare intermediate
     6  	cfssl genkey csr.json | cfssljson -bare rip.mcollective
     7  	cfssl gencsr -key rip.mcollective-key.pem csr.json  | cfssljson -bare rip.mcollective
     8  	cfssl sign -ca intermediate.pem -ca-key intermediate-key.pem rip.mcollective.csr subject.json | cfssljson -bare rip.mcollective && openssl x509 -in rip.mcollective.pem -noout -text
     9  	cat rip.mcollective.pem intermediate.pem > chain-rip.mcollective.pem
    10  	openssl verify -CAfile ca.pem -untrusted chain-rip.mcollective.pem chain-rip.mcollective.pem
    11  	cp ca.pem certs/ca.pem
    12  	cp chain-rip.mcollective.pem certs/rip.mcollective.pem
    13  	
    14  second:
    15  	# Make second cert chain to test caching
    16  	cfssl gencsr -key rip.mcollective-key.pem csr.json  | cfssljson -bare second-rip.mcollective
    17  	cfssl sign -ca intermediate.pem -ca-key intermediate-key.pem rip.mcollective.csr subject.json | cfssljson -bare second-rip.mcollective && openssl x509 -in second-rip.mcollective.pem -noout -text
    18  	cat second-rip.mcollective.pem intermediate.pem > second-chain-rip.mcollective.pem
    19  	openssl x509 -in second-rip.mcollective.pem -noout -text
    20  
    21  ca_chain:
    22  	# Make sure that CA side intermediate chains work
    23  	cat ca.pem intermediate.pem > certs/ca_chain_ca.pem
    24  	cat rip.mcollective.pem > certs/ca_chain_rip.mcollective.pem
    25  	openssl verify -CAfile certs/ca_chain_ca.pem certs/ca_chain_rip.mcollective.pem
    26  
    27  email:
    28  	cfssl genkey email.json | cfssljson -bare email.rip.mcollective
    29  	cfssl gencsr -key email.rip.mcollective-key.pem email.json  | cfssljson -bare email.rip.mcollective
    30  	cfssl sign -ca intermediate.pem -ca-key intermediate-key.pem email.rip.mcollective.csr subject.json | cfssljson -bare email.rip.mcollective && openssl x509 -in email.rip.mcollective.pem -noout -text
    31  	cat email.rip.mcollective.pem intermediate.pem > email-chain-rip.mcollective.pem
    32  	openssl verify -CAfile ca.pem -untrusted email-chain-rip.mcollective.pem email-chain-rip.mcollective.pem
    33  	cp email-chain-rip.mcollective.pem certs/email-chain-rip.mcollective.pem
    34  
    35  deploy:
    36  	cp ca.pem certs/ca.pem
    37  	cp chain-rip.mcollective.pem certs/rip.mcollective.pem
    38  	cp second-chain-rip.mcollective.pem certs/second.rip.mcollective.pem
    39  
    40  
    41  clean:
    42  	rm -f *.pem *.csr