]>
Commit | Line | Data |
---|---|---|
7eceffbf DSH |
1 | @echo off |
2 | ||
3 | rem set ssleay=..\out\ssleay | |
4 | set ssleay=%1 | |
5 | ||
6 | set reqcmd=%ssleay% req | |
7 | set x509cmd=%ssleay% x509 -sha1 | |
8 | set verifycmd=%ssleay% verify | |
9 | ||
10 | set CAkey=keyCA.ss | |
11 | set CAcert=certCA.ss | |
12 | set CAserial=certCA.srl | |
13 | set CAreq=reqCA.ss | |
14 | set CAconf=..\test\CAss.cnf | |
15 | set CAreq2=req2CA.ss | |
16 | ||
17 | set Uconf=..\test\Uss.cnf | |
18 | set Ukey=keyU.ss | |
19 | set Ureq=reqU.ss | |
20 | set Ucert=certU.ss | |
21 | ||
22 | echo make a certificate request using 'req' | |
23 | %reqcmd% -config %CAconf% -out %CAreq% -keyout %CAkey% -new | |
24 | if errorlevel 1 goto e_req | |
25 | ||
26 | echo convert the certificate request into a self signed certificate using 'x509' | |
27 | %x509cmd% -CAcreateserial -in %CAreq% -days 30 -req -out %CAcert% -signkey %CAkey% >err.ss | |
28 | if errorlevel 1 goto e_x509 | |
29 | ||
30 | echo -- | |
31 | echo convert a certificate into a certificate request using 'x509' | |
32 | %x509cmd% -in %CAcert% -x509toreq -signkey %CAkey% -out %CAreq2% >err.ss | |
33 | if errorlevel 1 goto e_x509_2 | |
34 | ||
35 | %reqcmd% -verify -in %CAreq% -noout | |
36 | if errorlevel 1 goto e_vrfy_1 | |
37 | ||
38 | %reqcmd% -verify -in %CAreq2% -noout | |
39 | if errorlevel 1 goto e_vrfy_2 | |
40 | ||
41 | %verifycmd% -CAfile %CAcert% %CAcert% | |
42 | if errorlevel 1 goto e_vrfy_3 | |
43 | ||
44 | echo -- | |
45 | echo make another certificate request using 'req' | |
46 | %reqcmd% -config %Uconf% -out %Ureq% -keyout %Ukey% -new >err.ss | |
47 | if errorlevel 1 goto e_req_gen | |
48 | ||
49 | echo -- | |
50 | echo sign certificate request with the just created CA via 'x509' | |
51 | %x509cmd% -CAcreateserial -in %Ureq% -days 30 -req -out %Ucert% -CA %CAcert% -CAkey %CAkey% -CAserial %CAserial% | |
52 | if errorlevel 1 goto e_x_sign | |
53 | ||
54 | %verifycmd% -CAfile %CAcert% %Ucert% | |
55 | echo -- | |
56 | echo Certificate details | |
57 | %x509cmd% -subject -issuer -startdate -enddate -noout -in %Ucert% | |
58 | ||
59 | echo Everything appeared to work | |
60 | echo -- | |
61 | echo The generated CA certificate is %CAcert% | |
62 | echo The generated CA private key is %CAkey% | |
63 | echo The current CA signing serial number is in %CAserial% | |
64 | ||
65 | echo The generated user certificate is %Ucert% | |
66 | echo The generated user private key is %Ukey% | |
67 | echo -- | |
68 | ||
69 | del err.ss | |
70 | ||
71 | goto end | |
72 | ||
73 | :e_req | |
74 | echo error using 'req' to generate a certificate request | |
75 | goto end | |
76 | :e_x509 | |
77 | echo error using 'x509' to self sign a certificate request | |
78 | goto end | |
79 | :e_x509_2 | |
80 | echo error using 'x509' convert a certificate to a certificate request | |
81 | goto end | |
82 | :e_vrfy_1 | |
83 | echo first generated request is invalid | |
84 | goto end | |
85 | :e_vrfy_2 | |
86 | echo second generated request is invalid | |
87 | goto end | |
88 | :e_vrfy_3 | |
89 | echo first generated cert is invalid | |
90 | goto end | |
91 | :e_req_gen | |
92 | echo error using 'req' to generate a certificate request | |
93 | goto end | |
94 | :e_x_sign | |
95 | echo error using 'x509' to sign a certificate request | |
96 | goto end | |
97 | ||
98 | :end |