1 rem set ssleay=..\out\ssleay
4 set reqcmd
=%ssleay% req
5 set x509cmd
=%ssleay% x509
6 set verifycmd
=%ssleay% verify
8 set CAkey
=\OpenSSL\keyCA.ss
9 set CAcert
=\OpenSSL\certCA.ss
10 set CAserial
=\OpenSSL\certCA.srl
11 set CAreq
=\OpenSSL
\reqCA.ss
12 cecopy ..
\test\CAss.cnf CE
:\OpenSSL
13 set CAconf
=\OpenSSL\CAss.cnf
14 set CAreq2
=\OpenSSL
\req
2CA.ss
16 cecopy ..
\test\Uss.cnf CE
:\OpenSSL
17 set Uconf
=\OpenSSL\Uss.cnf
18 set Ukey
=\OpenSSL\keyU.ss
19 set Ureq
=\OpenSSL
\reqU.ss
20 set Ucert
=\OpenSSL\certU.ss
22 echo make a certificate request using
'req'
23 cerun CE
:\OpenSSL\
%reqcmd% -config
%CAconf% -out
%CAreq% -keyout
%CAkey% -new
24 if errorlevel 1 goto e_req
26 echo convert the certificate request into a self signed certificate using
'x509'
27 cerun CE
:\OpenSSL\
%x509cmd% -CAcreateserial
-in
%CAreq% -days
30 -req
-out
%CAcert% -signkey
%CAkey% "> \OpenSSL\err.ss"
28 if errorlevel 1 goto e_x509
31 echo convert a certificate into a certificate request using
'x509'
32 cerun CE
:\OpenSSL\
%x509cmd% -in
%CAcert% -x509toreq
-signkey
%CAkey% -out
%CAreq2% "> \OpenSSL\err.ss"
33 if errorlevel 1 goto e_x509_2
35 cerun CE
:\OpenSSL\
%reqcmd% -verify -in
%CAreq% -noout
36 if errorlevel 1 goto e_vrfy_1
38 cerun CE
:\OpenSSL\
%reqcmd% -verify -in
%CAreq2% -noout
39 if errorlevel 1 goto e_vrfy_2
41 cerun CE
:\OpenSSL\
%verifycmd% -CAfile
%CAcert% %CAcert%
42 if errorlevel 1 goto e_vrfy_3
45 echo make another certificate request using
'req'
46 cerun CE
:\OpenSSL\
%reqcmd% -config
%Uconf% -out
%Ureq% -keyout
%Ukey% -new
"> \OpenSSL\err.ss"
47 if errorlevel 1 goto e_req_gen
50 echo sign certificate request with the just created CA via
'x509'
51 cerun CE
:\OpenSSL\
%x509cmd% -CAcreateserial
-in
%Ureq% -days
30 -req
-out
%Ucert% -CA
%CAcert% -CAkey
%CAkey% -CAserial
%CAserial%
52 if errorlevel 1 goto e_x_sign
54 cerun CE
:\OpenSSL\
%verifycmd% -CAfile
%CAcert% %Ucert%
56 echo Certificate details
57 cerun CE
:\OpenSSL\
%x509cmd% -subject
-issuer
-startdate
-enddate
-noout
-in
%Ucert%
61 cecopy CE
:%CAserial% .
65 echo Everything appeared to work
67 echo The generated CA certificate is
%CAcert%
68 echo The generated CA private key is
%CAkey%
69 echo The current CA signing serial number is in
%CAserial%
71 echo The generated user certificate is
%Ucert%
72 echo The generated user private key is
%Ukey%
75 cedel CE
:\OpenSSL\err.ss
80 echo error using
'req' to generate a certificate request
83 echo error using
'x509' to self sign a certificate request
86 echo error using
'x509' convert a certificate to a certificate request
89 echo first generated request is invalid
92 echo second generated request is invalid
95 echo first generated cert is invalid
98 echo error using
'req' to generate a certificate request
101 echo error using
'x509' to sign a certificate request