#!/bin/bash
#script to generate client cert-key pair signed by ca cert-key pair
#create cert signing request
openssl req -nodes -keyout anil.ca.key -subj "/C=US/ST=IL/L=Chicago/O=testers unlimited/OU=tester/CN=clisigner/emailAddress=clisigner@signer.com" -new -out anil.ca.cert.csr
###Generate the certificate using csr
openssl x509 -in anil.ca.cert.csr -out anil.ca.cert -req -signkey anil.ca.key -days 365
#create cert signing request for client cert
openssl req -nodes -keyout anil.cli.key -subj "/C=US/ST=IL/L=Chicago/O=testers unlimited/OU=tester/CN=client/emailAddress=client@client.com" -new -out anil.cli.cert.csr
###Generate the certificate using csr
openssl x509 -in anil.cli.cert.csr -out anil.cli.cert -req -signkey anil.cli.key -CA anil.ca.cert -CAkey anil.ca.key -days 365 -CAcreateserial
## verify certificate signature
openssl verify -verbose -CAfile anil.ca.cert anil.cli.cert
echo " Netscaler does not accept private key in format generated above"
echo "So, use this command to encrypt it"
echo "openssl rsa -in anil.ca.key -passout pass:123456 -des3 -out anil.ca.key2"
#script to generate client cert-key pair signed by ca cert-key pair
#create cert signing request
openssl req -nodes -keyout anil.ca.key -subj "/C=US/ST=IL/L=Chicago/O=testers unlimited/OU=tester/CN=clisigner/emailAddress=clisigner@signer.com" -new -out anil.ca.cert.csr
###Generate the certificate using csr
openssl x509 -in anil.ca.cert.csr -out anil.ca.cert -req -signkey anil.ca.key -days 365
#create cert signing request for client cert
openssl req -nodes -keyout anil.cli.key -subj "/C=US/ST=IL/L=Chicago/O=testers unlimited/OU=tester/CN=client/emailAddress=client@client.com" -new -out anil.cli.cert.csr
###Generate the certificate using csr
openssl x509 -in anil.cli.cert.csr -out anil.cli.cert -req -signkey anil.cli.key -CA anil.ca.cert -CAkey anil.ca.key -days 365 -CAcreateserial
## verify certificate signature
openssl verify -verbose -CAfile anil.ca.cert anil.cli.cert
echo " Netscaler does not accept private key in format generated above"
echo "So, use this command to encrypt it"
echo "openssl rsa -in anil.ca.key -passout pass:123456 -des3 -out anil.ca.key2"
No comments:
Post a Comment