samples/certs/clientB.sh@e26f1f91118a (annotated)
samples/certs/clientB.sh
Sun, 03 Jul 2011 13:13:36 -0700
- author
- Paul Aurich <paul@darkrain42.org>
- date
- Sun, 03 Jul 2011 13:13:36 -0700
- changeset 41
- e26f1f91118a
- parent 0
- f7d2d78eb424
- permissions
- -rwxr-xr-x
Fix the verification function so it doesn't pass for everyone on invalid purpose errors.
Inspiration and code partially from Matthew
| 0 | 1 | #!/bin/sh |
| 2 | ||
| 3 | openssl req -newkey rsa:1024 -sha1 -keyout clientBkey.pem -out clientBreq.pem \ | |
| 4 | -nodes -config ./clientB.cnf -days 365 -batch | |
| 5 | ||
| 6 | openssl x509 -req -in clientBreq.pem -sha1 -extfile ./clientB.cnf \ | |
| 7 | -extensions usr_cert -CA rootB.pem -CAkey rootBkey.pem -CAcreateserial \ | |
| 8 | -out clientBcert.pem -days 365 | |
| 9 | ||
| 10 | cat clientBcert.pem rootB.pem > clientB.pem | |
| 11 | ||
| 12 | openssl x509 -subject -issuer -noout -in clientB.pem |
