File: generate_all_certs

package info (click to toggle)
puma 6.6.0-4
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 2,884 kB
  • sloc: ruby: 17,542; ansic: 2,003; java: 1,006; sh: 379; makefile: 10
file content (69 lines) | stat: -rwxr-xr-x 3,178 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
 
#!/bin/bash

# exit on error
set -e

if [[ "$OSTYPE" == "darwin"* ]]; then
  Dash="\n\e[93m────────────────────────────────────────────────────"
else
  Dash="\n\e[38;2;223;223;16m────────────────────────────────────────────────────"
fi

Reset="\e[0m\n"

# change to script folder
SCRIPT=$(realpath "$0")
CERT_HOME=$(dirname "$SCRIPT")

#——————————————————————————————— process ssl files in examples/puma
printf "$Dash process ssl files in examples/puma$Reset"
cd $CERT_HOME/puma
ruby ../generate_server_test.rb
printf "Done with ../generate_server_test.rb\n\n"

rm -f server.p12
openssl pkcs12 -export -password pass:jruby_puma -inkey puma_keypair.pem -in cert_puma.pem -name puma -out server.p12
printf "Done with server.p12\n\n"

rm -f keystore.jks
keytool -importkeystore -srckeystore server.p12 -srcstoretype pkcs12 -srcstorepass jruby_puma -destkeystore keystore.jks -deststoretype JKS -storepass jruby_puma
printf "Done with keystore.jks\n\n"

rm -f encrypted_puma_keypair.pem
openssl rsa -aes256 -in puma_keypair.pem -out encrypted_puma_keypair.pem --passout pass:'hello world'
printf "Done with encrypted_puma_keypair.pem\n\n"

#——————————————————————————————— process ssl files in examples/puma/chain_cert
printf "$Dash process ssl files in examples/puma/chain_cert$Reset"
cd $CERT_HOME/puma/chain_cert
ruby ../../generate_chain_test.rb
printf "Done with ../../generate_chain_test.rb\n\n"

#——————————————————————————————— process ssl files in examples/puma/client_certs
printf "$Dash process ssl files in examples/puma/client_certs$Reset"
cd $CERT_HOME/puma/client_certs
ruby ../../generate_client_test.rb
printf "Done with ../../generate_client_test.rb\n\n"

rm -f server.p12
openssl pkcs12 -chain -CAfile ./ca.crt -export -password pass:jruby_puma -inkey server.key -in server.crt -name server -out server.p12
printf "Done with server.p12\n\n"

rm -f keystore.jks
keytool -importkeystore -srckeystore server.p12 -srcstoretype pkcs12 -srcstorepass jruby_puma -destkeystore keystore.jks -deststoretype pkcs12 -storepass jruby_puma
keytool -importcert -alias ca -noprompt -trustcacerts -file ca.crt -keystore keystore.jks -storepass jruby_puma
printf "Done with keystore.jks\n\n"

rm -f ca_store.p12
openssl pkcs12 -export -password pass:jruby_puma -inkey ca.key -in ca.crt -name ca -out ca_store.p12
printf "Done with ca_store.p12\n\n"

rm -f ca_store.jks
keytool -importcert -alias mykey -noprompt -trustcacerts -file ca.crt -keystore ca_store.jks -deststoretype jks -keypass jruby_puma -storepass jruby_puma
printf "Done with ca_store.jks\n\n"

rm -f unknown_ca_store.p12
openssl pkcs12 -export -password pass:jruby_puma -inkey unknown_ca.key -in unknown_ca.crt -name server -out unknown_ca_store.p12
printf "Done with unknown_ca_store.p12\n\n"

printf "$Dash Done$Reset"