uts-server/tests/cfg/pki/create_tsa_certs

#!/bin/sh


export OPENSSL_CONF="./CAtsa.cnf"

cd `dirname $0`

error () {
    echo "TSA test failed!" >&2
    exit 1
}


create_ca () {

    echo "Creating a new CA for the TSA tests..."
    export CN="UTS-SERVER CA"
    openssl req -new -x509 -nodes \
        -out tsaca.pem -keyout tsacakey.pem
    test $? != 0 && error
}

create_tsa_cert () {
    EXT=$3
    INDEX=$2
    CN=$1; export CN

    openssl req -new \
        -out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem
    test $? != 0 && error

    echo Using extension $EXT
    openssl x509 -req \
        -in tsa_req${INDEX}.pem -out tsa_cert${INDEX}.pem \
        -CA tsaca.pem -CAkey tsacakey.pem -CAcreateserial \
        -extfile $OPENSSL_CONF -extensions $EXT
    test $? != 0 && error
}

create_cert () {

    INDEX=$2
    export INDEX
    TSDNSECT=ts_cert_dn
    export TSDNSECT

    openssl req -new \
        -out tsa_req${INDEX}.pem -keyout ssl_key${INDEX}.pem
    test $? != 0 && error
    openssl x509 -req \
        -in tsa_req${INDEX}.pem -out ssl_cert${INDEX}.pem \
        -CA tsaca.pem -CAkey tsacakey.pem -CAcreateserial \
        -extensions server_cert
    test $? != 0 && error
    cat ssl_key${INDEX}.pem ssl_cert${INDEX}.pem >ssl_keycerts${INDEX}.pem
}

echo "Creating CA for TSA tests..."
create_ca

echo "Creating tsa_cert1.pem TSA server cert..."
create_tsa_cert "TSA CERT 1" 1 tsa_cert

echo "Creating tsa_cert2.pem TSA server cert..."
create_tsa_cert "TSA CERT 2" 2 tsa_cert

echo "Creating ssl_keycerts1.pem for ssl"
create_cert "uts-server.example.org" 1

exit 0