| # Initialize a manual Cert. This is NOT entered in Certman Records |
| echo "FQI (Fully Qualified Identity): " |
| if [ "$1" = "" -o "$1" = "-local" ]; then |
| echo "Personal Certificate" |
| SUBJECT="/CN=$FQI/OU=V1`cat subject.aaf`" |
| echo "Application Certificate" |
| SUBJECT="/CN=$1/OU=$FQI`cat subject.aaf`" |
| if [ "$1" = "-local" ]; then |
| echo "IMPORTANT: If for any reason, you kill this process, type 'stty sane'" |
| echo "Enter the PassPhrase for the Key for $FQI: " |
| # remove any previous Private key |
| # Create j regaular rsa encrypted key |
| openssl req -new -newkey rsa:2048 -sha256 -keyout private/$FQI.key \ |
| -out $FQI.csr -outform PEM -subj "$SUBJECT" \ |
| chmod 400 private/$FQI.key |
| echo openssl req -newkey rsa:2048 -sha256 -keyout $FQI.key -out $FQI.csr -outform PEM -subj '"'$SUBJECT'"' |
| echo "# All done, print result" |
| echo openssl req -verify -text -noout -in $FQI.csr |
| if [ "$SIGN_IT" = "true" ]; then |
| openssl ca -config ../openssl.conf -extensions server_cert -out $FQI.crt \ |
| -cert certs/ca.crt -keyfile private/ca.key \ |