]>
Commit | Line | Data |
---|---|---|
d4d2f98c DSH |
1 | echo=on\r |
2 | \r | |
3 | rem set ssleay=..\out\ssleay\r | |
4 | set ssleay=%1\r | |
5 | \r | |
6 | set reqcmd=%ssleay% req\r | |
7 | set x509cmd=%ssleay% x509\r | |
8 | set verifycmd=%ssleay% verify\r | |
9 | \r | |
10 | set CAkey=keyCA.ss\r | |
11 | set CAcert=certCA.ss\r | |
12 | set CAserial=certCA.srl\r | |
13 | set CAreq=reqCA.ss\r | |
14 | set CAconf=..\test\CAss.cnf\r | |
15 | set CAreq2=req2CA.ss \r | |
16 | \r | |
17 | set Uconf=..\test\Uss.cnf\r | |
18 | set Ukey=keyU.ss\r | |
19 | set Ureq=reqU.ss\r | |
20 | set Ucert=certU.ss\r | |
21 | \r | |
22 | echo make a certificate request using 'req'\r | |
23 | %reqcmd% -config %CAconf% -out %CAreq% -keyout %CAkey% -new\r | |
24 | if errorlevel 1 goto err_req\r | |
25 | \r | |
26 | echo convert the certificate request into a self signed certificate using 'x509'\r | |
27 | %x509cmd% -CAcreateserial -in %CAreq% -days 30 -req -out %CAcert% -signkey %CAkey% >err.ss\r | |
28 | if errorlevel 1 goto err_x509\r | |
29 | \r | |
30 | echo --\r | |
31 | echo convert a certificate into a certificate request using 'x509'\r | |
32 | %x509cmd% -in %CAcert% -x509toreq -signkey %CAkey% -out %CAreq2% >err.ss\r | |
33 | if errorlevel 1 goto err_x509_2\r | |
34 | \r | |
35 | %reqcmd% -verify -in %CAreq% -noout\r | |
36 | if errorlevel 1 goto err_verify_1\r | |
37 | \r | |
38 | %reqcmd% -verify -in %CAreq2% -noout\r | |
39 | if errorlevel 1 goto err_verify_2\r | |
40 | \r | |
41 | %verifycmd% -CAfile %CAcert% %CAcert%\r | |
42 | if errorlevel 1 goto err_verify_3\r | |
43 | \r | |
44 | echo --\r | |
45 | echo make another certificate request using 'req'\r | |
46 | %reqcmd% -config %Uconf% -out %Ureq% -keyout %Ukey% -new >err.ss\r | |
47 | if errorlevel 1 goto err_req_gen\r | |
48 | \r | |
49 | echo --\r | |
50 | echo sign certificate request with the just created CA via 'x509'\r | |
51 | %x509cmd% -CAcreateserial -in %Ureq% -days 30 -req -out %Ucert% -CA %CAcert% -CAkey %CAkey% -CAserial %CAserial%\r | |
52 | if errorlevel 1 goto err_x509_sign\r | |
53 | \r | |
54 | %verifycmd% -CAfile %CAcert% %Ucert%\r | |
55 | echo --\r | |
56 | echo Certificate details\r | |
57 | %x509cmd% -subject -issuer -startdate -enddate -noout -in %Ucert%\r | |
58 | \r | |
59 | echo Everything appeared to work\r | |
60 | echo --\r | |
61 | echo The generated CA certificate is %CAcert%\r | |
62 | echo The generated CA private key is %CAkey%\r | |
63 | echo The current CA signing serial number is in %CAserial%\r | |
64 | \r | |
65 | echo The generated user certificate is %Ucert%\r | |
66 | echo The generated user private key is %Ukey%\r | |
67 | echo --\r | |
68 | \r | |
69 | del err.ss\r | |
70 | \r | |
71 | goto end\r | |
72 | \r | |
73 | :err_req\r | |
74 | echo error using 'req' to generate a certificate request\r | |
75 | goto end\r | |
76 | :err_x509\r | |
77 | echo error using 'x509' to self sign a certificate request\r | |
78 | goto end\r | |
79 | :err_x509_2\r | |
80 | echo error using 'x509' convert a certificate to a certificate request\r | |
81 | goto end\r | |
82 | :err_verify_1\r | |
83 | echo first generated request is invalid\r | |
84 | goto end\r | |
85 | :err_verify_2\r | |
86 | echo second generated request is invalid\r | |
87 | goto end\r | |
88 | :err_verify_3\r | |
89 | echo first generated cert is invalid\r | |
90 | goto end\r | |
91 | :err_req_gen\r | |
92 | echo error using 'req' to generate a certificate request\r | |
93 | goto end\r | |
94 | :err_x509_sign\r | |
95 | echo error using 'x509' to sign a certificate request\r | |
96 | goto end\r | |
97 | \r | |
98 | :end\r |