github.com/sym3tri/etcd@v0.2.1-0.20140422215517-a563d82f95d6/fixtures/ca/generate_testing_certs.sh (about) 1 #!/bin/bash 2 # 3 # This script is used to generate all cert related files for etcd testing. 4 5 # location for temporary depot 6 depot=".depot" 7 # The passphrases for the keys are `asdf`. 8 passphrase="--passphrase asdf" 9 10 # etcd-ca could be found at github.com/coreos/etcd-ca 11 if [ $# -eq 0 ]; then 12 # try to find it through $GOPATH 13 IFS=':' read -a paths <<< "${GOPATH}" 14 for path in ${paths[@]}; do 15 if [ -f "${path}/bin/etcd-ca" ]; then 16 ca="${path}/bin/etcd-ca --depot-path $depot" 17 break 18 fi 19 done 20 if [ "$ca" == "" ]; then echo "Failed finding etcd-ca binary"; exit 1; fi 21 else 22 # treat the first argument as the path to etcd-ca binary 23 ca="$1 --depot-path $depot" 24 fi 25 26 rm -rf $depot 2>/dev/null 27 # create ca, which is assumed to be the broken one 28 $ca init $passphrase 29 # export out and rename files 30 $ca export | tar xvf - 31 mv ca.crt broken_ca.crt 32 mv ca.key broken_ca.key 33 34 # create certificate 35 $ca new-cert $passphrase --ip 127.0.0.1 server 36 $ca sign $passphrase server 37 # export out and rename files 38 $ca export --insecure $passphrase server | tar xvf - 39 mv server.crt broken_server.crt 40 mv server.key.insecure broken_server.key.insecure 41 42 rm -rf $depot 2>/dev/null 43 # create ca 44 $ca init $passphrase 45 $ca export | tar xvf - 46 47 # create certificate for server 48 $ca new-cert $passphrase --ip 127.0.0.1 server 49 $ca sign $passphrase server 50 $ca export --insecure $passphrase server | tar xvf - 51 $ca chain server > server-chain.pem 52 53 # create certificate for server2 54 $ca new-cert $passphrase --ip 127.0.0.1 server2 55 $ca sign $passphrase server2 56 $ca export --insecure $passphrase server2 | tar xvf - 57 58 rm -rf $depot 2>/dev/null