Apache-SecSess
6 results

 view release on metacpan or  search on metacpan

utils/mkcerts  view on Meta::CPAN 

#!/usr/bin/perl
# mkcerts - (the anti-CA script) make x509 certificates with openssl
#
# $Id: mkcerts,v 1.3 2002/05/08 02:14:59 pliam Exp $
#

# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
# mkcerts
# Copyright (c) 2001, 2002 John Pliam (pliam@atbash.com)
# This is open-source software.
# See file 'COPYING' in original distribution for complete details.
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #

use Getopt::Std;

system("openssl version");

#
# cmd line args
#
$usage = "usage: $0 [-d] [-e] [-n]";
getopts('den') || die $usage;

# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # 

#
# you must edit all the config info below
#

# # # # # # # # # # # # # # Begin Configuration # # # # # # # # # # # # # # #

# security
$rsabits = 2048;  # number of RSA modulus bits
$digest = 'sha1'; # or 'md5'
$cadays  = 4*365; # days of validity for root CA
$days	 = 2*365; # days of validity for signed certs

# cert files
$cacert	= 'acme-ca.crt';
$cakey	 = 'acme-ca.key';
$capasswd = 'certd@ddy'; # password for root CA (really do change me)
$spasswd	= 'serverpw'; # server passwords (not used, unless -e opt)
$cpasswd	= 'certb@by'; # PKCS12 client passwords (always used)

# DN info
$dnc = 'US';							 # country
$dnst = 'NJ';							# state, province, canton etc
$dnl = 'Basispoint Springs';		# city
$company = 'Acme Industries Inc'; # company name
$dns = 'acme.com';					 # DNS domain

#
# things to do when creating new CA (-n option)
# 
if ($opt_n) {
	# server certs to create and sign (dns prefixes to $dns)
	@servers = (						
		'adam.', 'lysander.', 'tom.',			# .acme.com domain
		'john.sec.', 'milt.sec.', 				# .sec.acme.com
		'stu.transacme.com', 'noam.acme.org'	# outside signing domain
	); 

	# pkcs12 client certs to create and sign
	@clients = (
		{'email' => 'bob', 'full' => 'Col. Robert Bobtight'},
		{'email' => 'admin', 'full' => 'Acme Security Administrator'}
	);
}

#
# things to do in append mode (no -n option)
#
if (!$opt_n) { @servers = ('www'); }

# # # # # # # # # # # # # # End Configuration # # # # # # # # # # # # # # # #

#
# configuration info which should be OK to LEAVE ALONE
#
$confile = './request.cnf';  # config file for requests

#
# create CA cert, if necessary
#
if ($opt_n) { &newca; }

#



( run in 2.368 seconds using v1.01-cache-2.11-cpan-39bf76dae61 )