#!/bin/sh
echo Creating Root CAs

KEYSIZE=2048
CONFIG=openssl.cnf

ROOT_CA_DIR=./root-ca
INT_CA_DIR=./intermediate-ca



if [ ! -e $ROOT_CA_DIR ] 
then
	echo "Initializing root-ca"
	mkdir $ROOT_CA_DIR
	echo '1000' > $ROOT_CA_DIR/serial
	touch $ROOT_CA_DIR/index.txt
fi

if [ ! -e $INT_CA_DIR ] 
then
	echo "Initializing intermediate-ca"
	mkdir $INT_CA_DIR
	echo '1000' > $INT_CA_DIR/serial
	touch $INT_CA_DIR/index.txt
fi


mkrootca() 
{
	ROOT_SUBJ=$1
	INT_SUBJ=$2
	NAME=$3


	if [ ! -z $NAME ] 
	then
		PREF="$NAME-"
	fi


	# Create a self-signed root CA
	openssl req -nodes -new -x509 \
		-sha1 \
		-extensions v3_ca \
		-days 3650 \
		-newkey rsa:2048 \
		-keyout $ROOT_CA_DIR/${PREF}root-ca.key -out $ROOT_CA_DIR/${PREF}root-ca.crt \
		-config openssl.cnf \
		-x509 \
		-subj "$ROOT_SUBJ"

	# Create a key for intermediate CA
	openssl genrsa -out $INT_CA_DIR/${PREF}int-ca.key $KEYSIZE

	# Create req for intermediate CA
	openssl req -sha1 -new -key $INT_CA_DIR/${PREF}int-ca.key -out $INT_CA_DIR/${PREF}int-ca.csr \
		-subj "$INT_SUBJ"

	# Sign intermediate CA cert using previously created root CA
	openssl ca -config openssl.cnf -batch -keyfile $ROOT_CA_DIR/${PREF}root-ca.key \
		   -cert $ROOT_CA_DIR/${PREF}root-ca.crt \
		   -extensions v3_ca -notext -md sha1 -in $INT_CA_DIR/${PREF}int-ca.csr \
		   -out $INT_CA_DIR/${PREF}int-ca.crt



}


ROOT_SUBJ="/C=DE/ST=Berlin/L=Berlin/O=Cauwersin/CN=7u83.cauwersin.com/emailAddress=7u83@mail.ru"
INT_SUBJ="$ROOT_SUBJ"
mkrootca "$ROOT_SUBJ" "$INT_SUBJ"


ROOT_SUBJ="/C=US/ST=California/L=San Jose/O=Cisco Virtual Wireless LAN Controller/CN=CA-vWLC-AIR-CTVM-K9-080027949DE0/emailAddress=support@vwlc.com"
INT_SUBJ="$ROOT_SUBJ"
mkrootca "$ROOT_SUBJ" "$INT_SUBJ" cisco-ac

#ROOT_SUBJ="/C=US/ST=California/L=San Jose/O=airespace Inc/CN=C1130-f866f2a342fc/emailAddress=support@airespace.com"
#ROOT_SUBJ="/C=US/ST=California/L=San Jose/O=Cisco Systems/CN=C1130-f866f2a342fc/emailAddress=support@cisco.com"
#ROOT_SUBJ="/ST=California/L=San Jose/C=US/O=Cisco Systems/CN=C1130-f866f2a342fc/emailAddress=support@cisco.com"
#ROOT_SUBJ="/C=US/ST=California/L=San Jose/O=Cisco Systems/CN=C1200-c80aa9cd7fa4/emailAddress=support@cisco.com"
#ROOT_SUBJ="/C=US/ST=California/L=San Jose/O=Cisco Systems/CN=Cisrot/emailAddress=support@cisco.com"

#ROOT_SUBJ="/C=US/ST=California/L=San Jose/O=Cisco Systems/CN=C1130-c80aa9cd7fa4/emailAddress=support@cisco.com"
ROOT_SUBJ="/C=US/ST=California/L=San Jose/O=Cisco Systems/CN=C1130-0019dbe09327/emailAddress=support@cisco.com"
INT_SUBJ="$ROOT_SUBJ"
mkrootca "$ROOT_SUBJ" "$INT_SUBJ" cisco-ap