This repository has been archived on 2023-08-14. You can view files and clone it, but cannot push or open issues or pull requests.
dex/connector/ldap/gen-certs.sh

50 lines
959 B
Bash
Raw Normal View History

#!/bin/bash -e
# Stolen from the coreos/matchbox repo.
echo "
[req]
req_extensions = v3_req
distinguished_name = req_distinguished_name
[req_distinguished_name]
[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.101 = localhost
" > openssl.config
openssl genrsa -out testdata/ca.key 2048
openssl genrsa -out testdata/server.key 2048
openssl req \
-x509 -new -nodes \
-key testdata/ca.key \
-days 10000 -out testdata/ca.crt \
-subj "/CN=ldap-tests"
openssl req \
-new \
-key testdata/server.key \
-out testdata/server.csr \
-subj "/CN=localhost" \
-config openssl.config
openssl x509 -req \
-in testdata/server.csr \
-CA testdata/ca.crt \
-CAkey testdata/ca.key \
-CAcreateserial \
-out testdata/server.crt \
-days 10000 \
-extensions v3_req \
-extfile openssl.config
rm testdata/server.csr
rm testdata/ca.srl
rm openssl.config