-
Notifications
You must be signed in to change notification settings - Fork 722
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
add different cert algs to benchmarks
- Loading branch information
tinzh
committed
Jun 29, 2023
1 parent
a23e8c5
commit 1d8fff9
Showing
34 changed files
with
904 additions
and
215 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,15 @@ | ||
| -----BEGIN CERTIFICATE----- | ||
| MIICTjCCAdQCFCI17v5gV4ghuGIAMZ/4URS3uOyMMAoGCCqGSM49BAMCMIGJMQsw | ||
| CQYDVQQGEwJKUDEOMAwGA1UECAwFQ2hpYmExEzARBgNVBAcMCkNoaWJhIENpdHkx | ||
| GDAWBgNVBAoMD1Rlc3NpZXItQXNocG9vbDEYMBYGA1UEAwwPZGV2ZWxvcC5sb2Nh | ||
| bGNhMSEwHwYJKoZIhvcNAQkBFhJjYUBkZXZlbG9wLmxvY2FsY2EwIBcNMjMwNjIw | ||
| MTc0OTMwWhgPMjIwMjExMjUxNzQ5MzBaMIGJMQswCQYDVQQGEwJKUDEOMAwGA1UE | ||
| CAwFQ2hpYmExEzARBgNVBAcMCkNoaWJhIENpdHkxGDAWBgNVBAoMD1Rlc3NpZXIt | ||
| QXNocG9vbDEYMBYGA1UEAwwPZGV2ZWxvcC5sb2NhbGNhMSEwHwYJKoZIhvcNAQkB | ||
| FhJjYUBkZXZlbG9wLmxvY2FsY2EwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQBa11l | ||
| hdlPfuEwoEDyQVjMAfwjBvNYPiHoSzFgcTvEmjqEnTC+ZaOnPb+gJ+mk1ZUgmXpG | ||
| woEGhY+Z9IIiaZWfW9NRrPUabh5SlUh+t76NUNX7xzukGHUlTJNBQmD34pAwCgYI | ||
| KoZIzj0EAwIDaAAwZQIxAOCrMxHjK4UFKK+oaalbkmf8JbaOTOj9dk2DG7ciGzZ2 | ||
| g+sqQq6zyfxoiOCwnGwD6AIwQ4AjIC5LzRUnqVtrbdg4snB3sim8FfhKXW9Rrrhq | ||
| EbUxsAjxGKiCVmTr0UyXFiB9 | ||
| -----END CERTIFICATE----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| -----BEGIN CERTIFICATE----- | ||
| MIIDGzCCAqCgAwIBAgIUPqC8apGPfAOaZwdkr6H5cPXH9oUwCgYIKoZIzj0EAwIw | ||
| gYkxCzAJBgNVBAYTAkpQMQ4wDAYDVQQIDAVDaGliYTETMBEGA1UEBwwKQ2hpYmEg | ||
| Q2l0eTEYMBYGA1UECgwPVGVzc2llci1Bc2hwb29sMRgwFgYDVQQDDA9kZXZlbG9w | ||
| LmxvY2FsY2ExITAfBgkqhkiG9w0BCQEWEmNhQGRldmVsb3AubG9jYWxjYTAgFw0y | ||
| MzA2MjAxNzQ5MzBaGA8yMjAyMTEyNTE3NDkzMFowYDELMAkGA1UEBhMCVVMxEzAR | ||
| BgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxDzANBgNVBAoMBmNs | ||
| aWVudDEZMBcGA1UEAwwQY2xpZW50LmxvY2FsaG9zdDB2MBAGByqGSM49AgEGBSuB | ||
| BAAiA2IABMX8WCuYv5PV74bCbwe0V+N59uKScDBNBvKsaDfe0Zzw2zKXf1pEhbRi | ||
| oAyxadH88Uw1uozMbif35qUeiJqt07/LMKqFbTSYlUvWAvLRm5wpiv9Py8DWvsji | ||
| 0WSJGibcMKOB7jCB6zAUBgNVHREEDTALgglsb2NhbGhvc3QwHQYDVR0OBBYEFE1l | ||
| y7Io0670fI/dz2V6UBEyV/x5MIGzBgNVHSMEgaswgaihgY+kgYwwgYkxCzAJBgNV | ||
| BAYTAkpQMQ4wDAYDVQQIDAVDaGliYTETMBEGA1UEBwwKQ2hpYmEgQ2l0eTEYMBYG | ||
| A1UECgwPVGVzc2llci1Bc2hwb29sMRgwFgYDVQQDDA9kZXZlbG9wLmxvY2FsY2Ex | ||
| ITAfBgkqhkiG9w0BCQEWEmNhQGRldmVsb3AubG9jYWxjYYIUIjXu/mBXiCG4YgAx | ||
| n/hRFLe47IwwCgYIKoZIzj0EAwIDaQAwZgIxAJ5fuUU5B1F5HYnV5KdNIkU0vQMt | ||
| 1lk4c+Vh/L9X3nHUrtj5aqQ3yttKNFwS28PxvwIxAPxrzMnGMxYYB4ujMmhj/CZz | ||
| vsg2/wx0vPwPfHSGmaWOPdzX27n2iZyvNlLjGVaEVw== | ||
| -----END CERTIFICATE----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| -----BEGIN CERTIFICATE----- | ||
| MIIDGzCCAqCgAwIBAgIUPqC8apGPfAOaZwdkr6H5cPXH9oUwCgYIKoZIzj0EAwIw | ||
| gYkxCzAJBgNVBAYTAkpQMQ4wDAYDVQQIDAVDaGliYTETMBEGA1UEBwwKQ2hpYmEg | ||
| Q2l0eTEYMBYGA1UECgwPVGVzc2llci1Bc2hwb29sMRgwFgYDVQQDDA9kZXZlbG9w | ||
| LmxvY2FsY2ExITAfBgkqhkiG9w0BCQEWEmNhQGRldmVsb3AubG9jYWxjYTAgFw0y | ||
| MzA2MjAxNzQ5MzBaGA8yMjAyMTEyNTE3NDkzMFowYDELMAkGA1UEBhMCVVMxEzAR | ||
| BgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxDzANBgNVBAoMBmNs | ||
| aWVudDEZMBcGA1UEAwwQY2xpZW50LmxvY2FsaG9zdDB2MBAGByqGSM49AgEGBSuB | ||
| BAAiA2IABMX8WCuYv5PV74bCbwe0V+N59uKScDBNBvKsaDfe0Zzw2zKXf1pEhbRi | ||
| oAyxadH88Uw1uozMbif35qUeiJqt07/LMKqFbTSYlUvWAvLRm5wpiv9Py8DWvsji | ||
| 0WSJGibcMKOB7jCB6zAUBgNVHREEDTALgglsb2NhbGhvc3QwHQYDVR0OBBYEFE1l | ||
| y7Io0670fI/dz2V6UBEyV/x5MIGzBgNVHSMEgaswgaihgY+kgYwwgYkxCzAJBgNV | ||
| BAYTAkpQMQ4wDAYDVQQIDAVDaGliYTETMBEGA1UEBwwKQ2hpYmEgQ2l0eTEYMBYG | ||
| A1UECgwPVGVzc2llci1Bc2hwb29sMRgwFgYDVQQDDA9kZXZlbG9wLmxvY2FsY2Ex | ||
| ITAfBgkqhkiG9w0BCQEWEmNhQGRldmVsb3AubG9jYWxjYYIUIjXu/mBXiCG4YgAx | ||
| n/hRFLe47IwwCgYIKoZIzj0EAwIDaQAwZgIxAJ5fuUU5B1F5HYnV5KdNIkU0vQMt | ||
| 1lk4c+Vh/L9X3nHUrtj5aqQ3yttKNFwS28PxvwIxAPxrzMnGMxYYB4ujMmhj/CZz | ||
| vsg2/wx0vPwPfHSGmaWOPdzX27n2iZyvNlLjGVaEVw== | ||
| -----END CERTIFICATE----- | ||
| -----BEGIN CERTIFICATE----- | ||
| MIICTjCCAdQCFCI17v5gV4ghuGIAMZ/4URS3uOyMMAoGCCqGSM49BAMCMIGJMQsw | ||
| CQYDVQQGEwJKUDEOMAwGA1UECAwFQ2hpYmExEzARBgNVBAcMCkNoaWJhIENpdHkx | ||
| GDAWBgNVBAoMD1Rlc3NpZXItQXNocG9vbDEYMBYGA1UEAwwPZGV2ZWxvcC5sb2Nh | ||
| bGNhMSEwHwYJKoZIhvcNAQkBFhJjYUBkZXZlbG9wLmxvY2FsY2EwIBcNMjMwNjIw | ||
| MTc0OTMwWhgPMjIwMjExMjUxNzQ5MzBaMIGJMQswCQYDVQQGEwJKUDEOMAwGA1UE | ||
| CAwFQ2hpYmExEzARBgNVBAcMCkNoaWJhIENpdHkxGDAWBgNVBAoMD1Rlc3NpZXIt | ||
| QXNocG9vbDEYMBYGA1UEAwwPZGV2ZWxvcC5sb2NhbGNhMSEwHwYJKoZIhvcNAQkB | ||
| FhJjYUBkZXZlbG9wLmxvY2FsY2EwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQBa11l | ||
| hdlPfuEwoEDyQVjMAfwjBvNYPiHoSzFgcTvEmjqEnTC+ZaOnPb+gJ+mk1ZUgmXpG | ||
| woEGhY+Z9IIiaZWfW9NRrPUabh5SlUh+t76NUNX7xzukGHUlTJNBQmD34pAwCgYI | ||
| KoZIzj0EAwIDaAAwZQIxAOCrMxHjK4UFKK+oaalbkmf8JbaOTOj9dk2DG7ciGzZ2 | ||
| g+sqQq6zyfxoiOCwnGwD6AIwQ4AjIC5LzRUnqVtrbdg4snB3sim8FfhKXW9Rrrhq | ||
| EbUxsAjxGKiCVmTr0UyXFiB9 | ||
| -----END CERTIFICATE----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| -----BEGIN PRIVATE KEY----- | ||
| MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBRe7cOunVcaEtuUqVO | ||
| frBwYT5ENPaOFHNRSaOK9fmpG/0j5BRRn8JD8CqBo0gHMLuhZANiAATF/FgrmL+T | ||
| 1e+Gwm8HtFfjefbiknAwTQbyrGg33tGc8Nsyl39aRIW0YqAMsWnR/PFMNbqMzG4n | ||
| 9+alHoiardO/yzCqhW00mJVL1gLy0ZucKYr/T8vA1r7I4tFkiRom3DA= | ||
| -----END PRIVATE KEY----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| -----BEGIN CERTIFICATE----- | ||
| MIIDGjCCAqCgAwIBAgIUQ0cVVrzSnGbwpFh/2nAbu7yMsk4wCgYIKoZIzj0EAwIw | ||
| gYkxCzAJBgNVBAYTAkpQMQ4wDAYDVQQIDAVDaGliYTETMBEGA1UEBwwKQ2hpYmEg | ||
| Q2l0eTEYMBYGA1UECgwPVGVzc2llci1Bc2hwb29sMRgwFgYDVQQDDA9kZXZlbG9w | ||
| LmxvY2FsY2ExITAfBgkqhkiG9w0BCQEWEmNhQGRldmVsb3AubG9jYWxjYTAgFw0y | ||
| MzA2MjAxNzQ5MzBaGA8yMjAyMTEyNTE3NDkzMFowYDELMAkGA1UEBhMCVVMxEzAR | ||
| BgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxDzANBgNVBAoMBnNl | ||
| cnZlcjEZMBcGA1UEAwwQc2VydmVyLmxvY2FsaG9zdDB2MBAGByqGSM49AgEGBSuB | ||
| BAAiA2IABJC2pUj/7+bwIS1d2094qztfgCUbFac5dnnDNmiRDFy1pP4SQSrjFo3v | ||
| RJe0eke5VXcOw4i5AuqKkgyr8xZybeb+OoflrHd2VCpf8aCqLLPo5jYg4QAkrgXp | ||
| 7AtN7dWlnaOB7jCB6zAUBgNVHREEDTALgglsb2NhbGhvc3QwHQYDVR0OBBYEFDQD | ||
| ydDtN4aSFAvuuWMZU2LKcZufMIGzBgNVHSMEgaswgaihgY+kgYwwgYkxCzAJBgNV | ||
| BAYTAkpQMQ4wDAYDVQQIDAVDaGliYTETMBEGA1UEBwwKQ2hpYmEgQ2l0eTEYMBYG | ||
| A1UECgwPVGVzc2llci1Bc2hwb29sMRgwFgYDVQQDDA9kZXZlbG9wLmxvY2FsY2Ex | ||
| ITAfBgkqhkiG9w0BCQEWEmNhQGRldmVsb3AubG9jYWxjYYIUIjXu/mBXiCG4YgAx | ||
| n/hRFLe47IwwCgYIKoZIzj0EAwIDaAAwZQIwKWZ+rvNGNBzD2aBU+Q3hlkh5rpor | ||
| ZWSYcQ9Q+Wl7CvftZjLC5irD8qpMCQ1TkWCxAjEAhbzz3pJo0I3IGom0rI5napQ5 | ||
| TnvosY7sQJl+XAu13kAhRgCZob3Y1wM6HKORGfD2 | ||
| -----END CERTIFICATE----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| -----BEGIN CERTIFICATE----- | ||
| MIIDGjCCAqCgAwIBAgIUQ0cVVrzSnGbwpFh/2nAbu7yMsk4wCgYIKoZIzj0EAwIw | ||
| gYkxCzAJBgNVBAYTAkpQMQ4wDAYDVQQIDAVDaGliYTETMBEGA1UEBwwKQ2hpYmEg | ||
| Q2l0eTEYMBYGA1UECgwPVGVzc2llci1Bc2hwb29sMRgwFgYDVQQDDA9kZXZlbG9w | ||
| LmxvY2FsY2ExITAfBgkqhkiG9w0BCQEWEmNhQGRldmVsb3AubG9jYWxjYTAgFw0y | ||
| MzA2MjAxNzQ5MzBaGA8yMjAyMTEyNTE3NDkzMFowYDELMAkGA1UEBhMCVVMxEzAR | ||
| BgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxDzANBgNVBAoMBnNl | ||
| cnZlcjEZMBcGA1UEAwwQc2VydmVyLmxvY2FsaG9zdDB2MBAGByqGSM49AgEGBSuB | ||
| BAAiA2IABJC2pUj/7+bwIS1d2094qztfgCUbFac5dnnDNmiRDFy1pP4SQSrjFo3v | ||
| RJe0eke5VXcOw4i5AuqKkgyr8xZybeb+OoflrHd2VCpf8aCqLLPo5jYg4QAkrgXp | ||
| 7AtN7dWlnaOB7jCB6zAUBgNVHREEDTALgglsb2NhbGhvc3QwHQYDVR0OBBYEFDQD | ||
| ydDtN4aSFAvuuWMZU2LKcZufMIGzBgNVHSMEgaswgaihgY+kgYwwgYkxCzAJBgNV | ||
| BAYTAkpQMQ4wDAYDVQQIDAVDaGliYTETMBEGA1UEBwwKQ2hpYmEgQ2l0eTEYMBYG | ||
| A1UECgwPVGVzc2llci1Bc2hwb29sMRgwFgYDVQQDDA9kZXZlbG9wLmxvY2FsY2Ex | ||
| ITAfBgkqhkiG9w0BCQEWEmNhQGRldmVsb3AubG9jYWxjYYIUIjXu/mBXiCG4YgAx | ||
| n/hRFLe47IwwCgYIKoZIzj0EAwIDaAAwZQIwKWZ+rvNGNBzD2aBU+Q3hlkh5rpor | ||
| ZWSYcQ9Q+Wl7CvftZjLC5irD8qpMCQ1TkWCxAjEAhbzz3pJo0I3IGom0rI5napQ5 | ||
| TnvosY7sQJl+XAu13kAhRgCZob3Y1wM6HKORGfD2 | ||
| -----END CERTIFICATE----- | ||
| -----BEGIN CERTIFICATE----- | ||
| MIICTjCCAdQCFCI17v5gV4ghuGIAMZ/4URS3uOyMMAoGCCqGSM49BAMCMIGJMQsw | ||
| CQYDVQQGEwJKUDEOMAwGA1UECAwFQ2hpYmExEzARBgNVBAcMCkNoaWJhIENpdHkx | ||
| GDAWBgNVBAoMD1Rlc3NpZXItQXNocG9vbDEYMBYGA1UEAwwPZGV2ZWxvcC5sb2Nh | ||
| bGNhMSEwHwYJKoZIhvcNAQkBFhJjYUBkZXZlbG9wLmxvY2FsY2EwIBcNMjMwNjIw | ||
| MTc0OTMwWhgPMjIwMjExMjUxNzQ5MzBaMIGJMQswCQYDVQQGEwJKUDEOMAwGA1UE | ||
| CAwFQ2hpYmExEzARBgNVBAcMCkNoaWJhIENpdHkxGDAWBgNVBAoMD1Rlc3NpZXIt | ||
| QXNocG9vbDEYMBYGA1UEAwwPZGV2ZWxvcC5sb2NhbGNhMSEwHwYJKoZIhvcNAQkB | ||
| FhJjYUBkZXZlbG9wLmxvY2FsY2EwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQBa11l | ||
| hdlPfuEwoEDyQVjMAfwjBvNYPiHoSzFgcTvEmjqEnTC+ZaOnPb+gJ+mk1ZUgmXpG | ||
| woEGhY+Z9IIiaZWfW9NRrPUabh5SlUh+t76NUNX7xzukGHUlTJNBQmD34pAwCgYI | ||
| KoZIzj0EAwIDaAAwZQIxAOCrMxHjK4UFKK+oaalbkmf8JbaOTOj9dk2DG7ciGzZ2 | ||
| g+sqQq6zyfxoiOCwnGwD6AIwQ4AjIC5LzRUnqVtrbdg4snB3sim8FfhKXW9Rrrhq | ||
| EbUxsAjxGKiCVmTr0UyXFiB9 | ||
| -----END CERTIFICATE----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| -----BEGIN PRIVATE KEY----- | ||
| MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDB0T4dbewat5Y8DRLsT | ||
| f8YU9fP21tqvZPYLoEBTiHfUelhJptLJ4Y14MQeZUgDhGMuhZANiAASQtqVI/+/m | ||
| 8CEtXdtPeKs7X4AlGxWnOXZ5wzZokQxctaT+EkEq4xaN70SXtHpHuVV3DsOIuQLq | ||
| ipIMq/MWcm3m/jqH5ax3dlQqX/Ggqiyz6OY2IOEAJK4F6ewLTe3VpZ0= | ||
| -----END PRIVATE KEY----- |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,35 +1,66 @@ | ||
| #!/bin/bash | ||
|
|
||
| # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
| # SPDX-License-Identifier: Apache-2.0 | ||
|
|
||
| # immediately bail if any command fails | ||
| set -e | ||
|
|
||
| # go to directory script is located in | ||
| pushd "$(dirname "$0")" | ||
|
|
||
| echo "generating CA private key and certificate" | ||
| openssl req -nodes -new -x509 -keyout ca-key.pem -out ca-cert.pem -days 65536 -config config/ca.cnf | ||
| # Generates certs with given algorithms and bits in $1$2/, ex. ec384/ | ||
| # $1: rsa or ec | ||
| # $2: number of bits | ||
| cert-gen () { | ||
| echo -e "\n----- generating certs for $1$2 -----\n" | ||
|
|
||
| # set openssl argument name | ||
| if [[ $1 == rsa ]]; then | ||
| local argname=rsa_keygen_bits: | ||
| elif [[ $1 == ec ]]; then | ||
| local argname=ec_paramgen_curve:P- | ||
| fi | ||
|
|
||
| # make directory for certs | ||
| if [ ! -d $1$2/ ]; then | ||
| mkdir $1$2 | ||
| fi | ||
| cd $1$2 | ||
|
|
||
| echo "generating CA private key and certificate" | ||
| openssl req -new -nodes -x509 -newkey $1 -pkeyopt $argname$2 -keyout ca-key.pem -out ca-cert.pem -days 65536 -config ../config/ca.cnf | ||
|
|
||
| echo "generating server private key and CSR" | ||
| openssl req -new -nodes -newkey $1 -pkeyopt $argname$2 -keyout server-key.pem -out server.csr -config ../config/server.cnf | ||
|
|
||
| echo "generating client private key and CSR" | ||
| openssl req -new -nodes -newkey $1 -pkeyopt $argname$2 -keyout client-key.pem -out client.csr -config ../config/client.cnf | ||
|
|
||
| # secp384r1 is an arbitrarily chosen curve that is supported by the default | ||
| # security policy in s2n-tls. | ||
| # https://github.com/aws/s2n-tls/blob/main/docs/USAGE-GUIDE.md#chart-security-policy-version-to-supported-curvesgroups | ||
| echo "generating server private key and CSR" | ||
| openssl req -new -nodes -newkey ec -pkeyopt ec_paramgen_curve:secp384r1 -keyout server-key.pem -out server.csr -config config/server.cnf | ||
| echo "generating server certificate and signing it" | ||
| openssl x509 -days 65536 -req -in server.csr -CA ca-cert.pem -CAkey ca-key.pem -CAcreateserial -out server-cert.pem -extensions req_ext -extfile ../config/server.cnf | ||
|
|
||
| echo "generating client private key and CSR" | ||
| openssl req -new -nodes -newkey ec -pkeyopt ec_paramgen_curve:secp384r1 -keyout client-key.pem -out client.csr -config config/client.cnf | ||
| echo "generating client certificate and signing it" | ||
| openssl x509 -days 65536 -req -in client.csr -CA ca-cert.pem -CAkey ca-key.pem -CAcreateserial -out client-cert.pem -extensions req_ext -extfile ../config/client.cnf | ||
|
|
||
| echo "generating server certificate and signing it" | ||
| openssl x509 -days 65536 -req -in server.csr -CA ca-cert.pem -CAkey ca-key.pem -CAcreateserial -out server-cert.pem -extensions req_ext -extfile config/server.cnf | ||
| echo "verifying generated certificates" | ||
| openssl verify -CAfile ca-cert.pem server-cert.pem | ||
| openssl verify -CAfile ca-cert.pem client-cert.pem | ||
|
|
||
| echo "generating client certificate and signing it" | ||
| openssl x509 -days 65536 -req -in client.csr -CA ca-cert.pem -CAkey ca-key.pem -CAcreateserial -out client-cert.pem -extensions req_ext -extfile config/client.cnf | ||
| echo "combining certs into cert chains" | ||
| cat server-cert.pem ca-cert.pem > server-fullchain.pem | ||
| cat client-cert.pem ca-cert.pem > client-fullchain.pem | ||
|
|
||
| echo "verifying generated certificates" | ||
| openssl verify -CAfile ca-cert.pem server-cert.pem | ||
| openssl verify -CAfile ca-cert.pem client-cert.pem | ||
| echo "cleaning up temporary files" | ||
| rm server.csr | ||
| rm client.csr | ||
| rm ca-key.pem | ||
|
|
||
| cat server-cert.pem ca-cert.pem > fullchain.pem | ||
| cd .. | ||
| } | ||
|
|
||
| echo "cleaning up temporary files" | ||
| rm server.csr | ||
| rm client.csr | ||
| rm ca-key.pem | ||
| cert-gen ec 384 | ||
| cert-gen rsa 2048 | ||
| cert-gen rsa 4096 | ||
|
|
||
| popd |
Oops, something went wrong.