3 # ============LICENSE_START===============================================
4 # Copyright (C) 2023 Nordix Foundation. All rights reserved.
5 # ========================================================================
6 # Licensed under the Apache License, Version 2.0 (the "License");
7 # you may not use this file except in compliance with the License.
8 # You may obtain a copy of the License at
10 # http://www.apache.org/licenses/LICENSE-2.0
12 # Unless required by applicable law or agreed to in writing, software
13 # distributed under the License is distributed on an "AS IS" BASIS,
14 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 # See the License for the specific language governing permissions and
16 # limitations under the License.
17 # ============LICENSE_END=================================================
20 echo "Generating https certs"
22 echo "script-home: "$SD
27 echo "Usage: gen-certs.sh <num-certs>"
46 echo "Generating ca cert and key"
47 echo " Generating ca key"
48 openssl genrsa 2048 > ca.key 2> /dev/null
51 echo " Generating ca cert"
52 openssl req -new -x509 -nodes -days 365000 -key ca.key -subj "/C=SE/ST=./L=./O=EST/OU=EST/CN=$SRV/emailAddress=a@example.com" -out httpsca.crt 2> /dev/null
57 for (( i=0; i<${1}; i++ )); do
58 SRV="pm-https-server-$i.pm-https-server.ran"
60 echo " Generating cert and key for server $SRV"
61 openssl req -newkey rsa:2048 -nodes -days 365000 -subj "/C=SE/ST=./L=./O=ERIC/OU=ERIC/CN=$SRV/emailAddress=a@example.com" -keyout https-$i.key -out https-req$i.crt 2> /dev/null
65 openssl x509 -req -days 365000 -set_serial 01 -in https-req$i.crt -out https-$i.crt -CA httpsca.crt -CAkey ca.key
67 echo " Verifying cert towards ca cert"
68 openssl verify -CAfile httpsca.crt httpsca.crt https-$i.crt