File: certificates.sh

package info (click to toggle)
incus 6.0.5-6
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 25,788 kB
  • sloc: sh: 16,313; ansic: 3,121; python: 457; makefile: 337; ruby: 51; sql: 50; lisp: 6
file content (13 lines) | stat: -rw-r--r-- 510 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
 
cert_fingerprint() {
    openssl x509 -noout -fingerprint -sha256 -in "${1}" | sed 's/.*=//; s/://g; s/\(.*\)/\L\1/'
}

# Generate a short lived ecdsa (self-signed) cert and key
# using the NIST curve P-384 and SHA384 hash for signature
# to match what Incus generates by default.
gen_cert_and_key() {
    key_file="${1}"
    crt_file="${2}"
    cn="${3}"
    openssl req -x509 -newkey ec -pkeyopt ec_paramgen_curve:secp384r1 -sha384 -keyout "${key_file}" -nodes -out "${crt_file}" -days 1 -subj "/CN=${cn}"
}