From 5a5fb09a57fa8ab328288acaeeedca37eaa93a3d Mon Sep 17 00:00:00 2001
From: "7u83@mail.ru" <7u83@mail.ru@noemail.net>
Date: Thu, 22 Jan 2015 22:13:09 +0000
Subject: [PATCH] New improved script

Creares root and intermediate ca.

FossilOrigin-Name: 1fd1ff515e9aa2d5fe48ff82a6402f2514a7edfa6188331f28ee6f78bf7c7431
---
 ssl/mkrootca.sh | 43 +++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 41 insertions(+), 2 deletions(-)

diff --git a/ssl/mkrootca.sh b/ssl/mkrootca.sh
index cea755b9..f19673d1 100755
--- a/ssl/mkrootca.sh
+++ b/ssl/mkrootca.sh
@@ -1,6 +1,45 @@
 #!/bin/sh
 echo Creating Root CA 
-openssl genrsa -des3 -out root-ca.key 1536 -config openssl.cnf
-openssl req -new -x509 -days 3365 -key root-ca.key -out root-ca.crt -config openssl.cnf 
+
+KEYSIZE=2048
+CONFIG=openssl.cnf
+
+ROOT_CA_DIR=./root-ca
+INT_CA_DIR=./intermediate-ca
+
+if [ ! -e $ROOT_CA_DIR ] 
+then
+	echo "Initializing root-ca"
+	mkdir $ROOT_CA_DIR
+	echo '1000' > $ROOT_CA_DIR/serial
+	touch $ROOT_CA_DIR/index.txt
+fi
+
+openssl req -nodes -new -x509 \
+	-sha1 \
+	-extensions v3_ca \
+	-days 3650 \
+	-newkey rsa:2048 \
+	-keyout $ROOT_CA_DIR/root-ca.key -out $ROOT_CA_DIR/root-ca.crt \
+	-config openssl.cnf \
+	-x509 \
+        -subj /C=DE/ST=Berlin/L=Berlin/O=Cauwersin/CN=7u83.cauwersin.com/emailAddress=7u83@mail.ru 
 
 
+
+if [ ! -e $INT_CA_DIR ] 
+then
+	echo "Initializing intermediate-ca"
+	mkdir $INT_CA_DIR
+	echo '1000' > $INT_CA_DIR/serial
+	touch $INT_CA_DIR/index.txt
+fi
+
+openssl genrsa -out $INT_CA_DIR/int-ca.key $KEYSIZE
+openssl req -sha1 -new -key $INT_CA_DIR/int-ca.key -out $INT_CA_DIR/int-ca.csr \
+        -subj /C=DE/ST=Berlin/L=Berlin/O=Cauwersin/CN=7u83.cauwersin.com/emailAddress=7u83@mail.ru 
+
+
+openssl ca -config openssl.cnf -keyfile $ROOT_CA_DIR/root-ca.key -cert $ROOT_CA_DIR/root-ca.crt \
+	-extensions v3_ca -notext -md sha1 -in $INT_CA_DIR/int-ca.csr -out $INT_CA_DIR/int-ca.crt
+