github.com/nsqio/nsq@v1.3.0/nsqd/test/cert.sh

github.com/nsqio/nsq@v1.3.0/nsqd/test/cert.sh (about)

     1  #!/bin/bash
     2  # ./cert.sh foo@foo.com 127.0.0.1
     3  # Found: https://gist.github.com/ncw/9253562#file-makecert-sh
     4  
     5  if [ "$1" == "" ]; then
     6      echo "Need email as argument"
     7      exit 1
     8  fi
     9  
    10  if [ "$2" == "" ]; then
    11      echo "Need CN as argument"
    12      exit 1
    13  fi
    14  
    15  PRIVKEY="test"
    16  EMAIL=$1
    17  CN=$2
    18  
    19  rm -rf tmp
    20  mkdir tmp
    21  cd tmp
    22  
    23  echo "make CA"
    24  openssl req -new -x509 -days 3650 -keyout ca.key -out ca.pem \
    25      -config ../openssl.conf -extensions ca \
    26      -subj "/CN=ca" \
    27      -passout pass:$PRIVKEY
    28  
    29  echo "make server cert"
    30  openssl genrsa -out server.key 2048
    31  openssl req -new -sha256 -key server.key -out server.req \
    32      -subj "/emailAddress=${EMAIL}/C=DE/ST=NRW/L=Earth/O=Random Company/OU=IT/CN=${CN}"
    33  openssl x509 -req -days 3650 -sha256 -in server.req -CA ca.pem -CAkey ca.key -CAcreateserial -passin pass:$PRIVKEY -out server.pem \
    34      -extfile ../openssl.conf -extensions server
    35      
    36  
    37  echo "make client cert"
    38  openssl genrsa -out client.key 2048
    39  openssl req -new -sha256 -key client.key -out client.req \
    40      -subj "/emailAddress=${EMAIL}/C=DE/ST=NRW/L=Earth/O=Random Company/OU=IT/CN=${CN}"
    41  openssl x509 -req -days 3650 -sha256 -in client.req -CA ca.pem -CAkey ca.key -CAserial ca.srl -passin pass:$PRIVKEY -out client.pem \
    42      -extfile ../openssl.conf -extensions client
    43  
    44  cd ..
    45  mv tmp/* certs
    46  rm -rf tmp