| Dr. Stephen Henson | d4d2f98 | 1999-03-09 03:01:48 +0000 | [diff] [blame] | 1 | echo=on
|
| 2 |
|
| 3 | rem set ssleay=..\out\ssleay
|
| 4 | set ssleay=%1
|
| 5 |
|
| 6 | set reqcmd=%ssleay% req
|
| 7 | set x509cmd=%ssleay% x509
|
| 8 | set verifycmd=%ssleay% verify
|
| 9 |
|
| 10 | set CAkey=keyCA.ss
|
| 11 | set CAcert=certCA.ss
|
| 12 | set CAserial=certCA.srl
|
| 13 | set CAreq=reqCA.ss
|
| 14 | set CAconf=..\test\CAss.cnf
|
| 15 | set CAreq2=req2CA.ss
|
| 16 |
|
| 17 | set Uconf=..\test\Uss.cnf
|
| 18 | set Ukey=keyU.ss
|
| 19 | set Ureq=reqU.ss
|
| 20 | set Ucert=certU.ss
|
| 21 |
|
| 22 | echo make a certificate request using 'req'
|
| 23 | %reqcmd% -config %CAconf% -out %CAreq% -keyout %CAkey% -new
|
| 24 | if errorlevel 1 goto err_req
|
| 25 |
|
| 26 | echo convert the certificate request into a self signed certificate using 'x509'
|
| 27 | %x509cmd% -CAcreateserial -in %CAreq% -days 30 -req -out %CAcert% -signkey %CAkey% >err.ss
|
| 28 | if errorlevel 1 goto err_x509
|
| 29 |
|
| 30 | echo --
|
| 31 | echo convert a certificate into a certificate request using 'x509'
|
| 32 | %x509cmd% -in %CAcert% -x509toreq -signkey %CAkey% -out %CAreq2% >err.ss
|
| 33 | if errorlevel 1 goto err_x509_2
|
| 34 |
|
| 35 | %reqcmd% -verify -in %CAreq% -noout
|
| 36 | if errorlevel 1 goto err_verify_1
|
| 37 |
|
| 38 | %reqcmd% -verify -in %CAreq2% -noout
|
| 39 | if errorlevel 1 goto err_verify_2
|
| 40 |
|
| 41 | %verifycmd% -CAfile %CAcert% %CAcert%
|
| 42 | if errorlevel 1 goto err_verify_3
|
| 43 |
|
| 44 | echo --
|
| 45 | echo make another certificate request using 'req'
|
| 46 | %reqcmd% -config %Uconf% -out %Ureq% -keyout %Ukey% -new >err.ss
|
| 47 | if errorlevel 1 goto err_req_gen
|
| 48 |
|
| 49 | echo --
|
| 50 | echo sign certificate request with the just created CA via 'x509'
|
| 51 | %x509cmd% -CAcreateserial -in %Ureq% -days 30 -req -out %Ucert% -CA %CAcert% -CAkey %CAkey% -CAserial %CAserial%
|
| 52 | if errorlevel 1 goto err_x509_sign
|
| 53 |
|
| 54 | %verifycmd% -CAfile %CAcert% %Ucert%
|
| 55 | echo --
|
| 56 | echo Certificate details
|
| 57 | %x509cmd% -subject -issuer -startdate -enddate -noout -in %Ucert%
|
| 58 |
|
| 59 | echo Everything appeared to work
|
| 60 | echo --
|
| 61 | echo The generated CA certificate is %CAcert%
|
| 62 | echo The generated CA private key is %CAkey%
|
| 63 | echo The current CA signing serial number is in %CAserial%
|
| 64 |
|
| 65 | echo The generated user certificate is %Ucert%
|
| 66 | echo The generated user private key is %Ukey%
|
| 67 | echo --
|
| 68 |
|
| 69 | del err.ss
|
| 70 |
|
| 71 | goto end
|
| 72 |
|
| 73 | :err_req
|
| 74 | echo error using 'req' to generate a certificate request
|
| 75 | goto end
|
| 76 | :err_x509
|
| 77 | echo error using 'x509' to self sign a certificate request
|
| 78 | goto end
|
| 79 | :err_x509_2
|
| 80 | echo error using 'x509' convert a certificate to a certificate request
|
| 81 | goto end
|
| 82 | :err_verify_1
|
| 83 | echo first generated request is invalid
|
| 84 | goto end
|
| 85 | :err_verify_2
|
| 86 | echo second generated request is invalid
|
| 87 | goto end
|
| 88 | :err_verify_3
|
| 89 | echo first generated cert is invalid
|
| 90 | goto end
|
| 91 | :err_req_gen
|
| 92 | echo error using 'req' to generate a certificate request
|
| 93 | goto end
|
| 94 | :err_x509_sign
|
| 95 | echo error using 'x509' to sign a certificate request
|
| 96 | goto end
|
| 97 |
|
| 98 | :end
|
