AT&T 2.0.19 Code drop, stage 6

Issue-ID: AAF-197
Change-Id: I77f26db1f34bea217888faaa28d4dc79f6edb804
Signed-off-by: Instrumental <jcgmisc@stl.gathman.org>
diff --git a/conf/CA/intermediate.sh b/conf/CA/intermediate.sh
new file mode 100644
index 0000000..b207150
--- /dev/null
+++ b/conf/CA/intermediate.sh
@@ -0,0 +1,57 @@
+#
+# Initialize a manual Cert.  This is NOT entered in Certman Records
+#
+  if [ -e intermediate.serial ]; then
+    ((SERIAL=`cat intermediate.serial` + 1))
+  else
+    SERIAL=1
+  fi
+  echo $SERIAL > intermediate.serial
+DIR=intermediate_$SERIAL
+
+mkdir -p $DIR/private $DIR/certs $DIR/newcerts
+chmod 700 $DIR/private
+chmod 755 $DIR/certs $DIR/newcerts
+touch $DIR/index.txt
+if [ ! -e $DIR/serial ]; then
+  echo '01' > $DIR/serial
+fi
+cp manual.sh p12.sh subject.aaf $DIR
+
+if [  "$1" == "" ]; then
+  CN=intermediateCA_$SERIAL
+else
+  CN=$1
+fi
+
+SUBJECT="/CN=$CN`cat subject.aaf`"
+echo $SUBJECT
+  echo "IMPORTANT: If for any reason, you kill this process, type 'stty sane'"
+  echo "Enter the PassPhrase for the Key for $CN: "
+  `stty -echo`
+  read PASSPHRASE
+  `stty echo`
+ 
+  # Create a regaular rsa encrypted key
+  openssl req -new -newkey rsa:4096 -sha256 -keyout $DIR/private/ca.key \
+	   -out $DIR/$CN.csr -outform PEM -subj "$SUBJECT" \
+	   -passout stdin  << EOF
+$PASSPHRASE
+EOF
+
+  chmod 400 $DIR/private/$CN.key 
+  openssl req -verify -text -noout -in $DIR/$CN.csr
+
+  # Sign it
+  openssl ca -config openssl.conf -extensions v3_intermediate_ca \
+     -cert certs/ca.crt -keyfile private/ca.key -out $DIR/certs/ca.crt \
+	-infiles $DIR/$CN.csr
+
+    openssl x509 -text -noout -in $DIR/certs/ca.crt
+
+
+     openssl verify -CAfile certs/ca.crt $DIR/certs/ca.crt
+
+
+
+