-
Notifications
You must be signed in to change notification settings - Fork 0
/
generate_certificate.exp
63 lines (47 loc) · 1.42 KB
/
generate_certificate.exp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
#!/usr/bin/expect -f
# -------------------------
# Generate private key file
# -------------------------
spawn openssl genrsa -des3 -out ca.key 2048
expect "Enter pass phrase for ca.key:"
send -- "test\r"
expect "Verifying - Enter pass phrase for ca.key:"
send -- "test\r"
# ------------------------------------
# Generate certificate signing request
# ------------------------------------
spawn openssl req -new -key ca.key -out ca.csr
expect "Enter pass phrase for ca.key:"
send -- "test\r"
expect "Country Name (2 letter code)"
send -- "FR\r"
expect "State or Province Name (full name)"
send -- "State\r"
expect "Locality Name (eg, city)"
send -- "City\r"
expect "Organization Name (eg, company)"
send -- "Company\r"
expect "Organizational Unit Name (eg, section)"
send -- "Section\r"
expect "Common Name (eg, your name or your server's hostname)"
send -- "localhost\r"
expect "Email Address"
send -- "email@localhost\r"
expect "A challenge password"
send -- "\r"
expect "An optional company name"
send -- "\r"
# --------------------
# Generate certificate
# --------------------
spawn openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt
expect "Enter pass phrase for ca.key:"
send -- "test\r"
# ---------------------------
# Remove certificate password
# ---------------------------
exec cp ca.key ca.tmp
spawn openssl rsa -in ca.tmp -out ca.key
expect "Enter pass phrase for ca.tmp:"
send -- "test\r"
exec rm ca.tmp