node-http-server
/certs/https/templates/ca.cnf |
@@ -0,0 +1,31 @@ |
[ ca ] |
default_ca = CA_default |
|
[ CA_default ] |
serial = ca-serial |
crl = ca-crl.pem |
database = ca-database.txt |
name_opt = CA_default |
cert_opt = CA_default |
default_crl_days = 9999 |
default_md = md5 |
|
[ req ] |
default_bits = 4096 |
days = 9999 |
distinguished_name = req_distinguished_name |
attributes = req_attributes |
prompt = no |
output_password = password |
|
[ req_distinguished_name ] |
C = US |
ST = MA |
L = Boston |
O = Example Co |
OU = techops |
CN = ca |
emailAddress = certs@example.com |
|
[ req_attributes ] |
challengePassword = test |
/certs/https/templates/server.cnf |
@@ -0,0 +1,26 @@ |
[ req ] |
default_bits = 4096 |
days = 9999 |
distinguished_name = req_distinguished_name |
attributes = req_attributes |
prompt = no |
x509_extensions = v3_ca |
|
[ req_distinguished_name ] |
C = US |
ST = MA |
L = Boston |
O = Example Co |
OU = techops |
CN = localhost |
emailAddress = certs@example.com |
|
[ req_attributes ] |
challengePassword = password |
|
[ v3_ca ] |
authorityInfoAccess = @issuer_info |
|
[ issuer_info ] |
OCSP;URI.0 = http://ocsp.example.com/ |
caIssuers;URI.0 = http://example.com/ca.cert |
/generateCertificate.sh |
@@ -1,15 +1,15 @@ |
#!/bin/sh |
|
openssl req \ |
openssl req \ |
-new \ |
-x509 \ |
-days 365 \ |
-config certs/https/templates/ca.cnf \ |
-days 365 \ |
-config certs/https/templates/ca.cnf \ |
-keyout certs/https/ca-key.pem \ |
-out certs/https/ca-cert.pem |
openssl genrsa \ |
openssl genrsa \ |
-out certs/https/server-key.pem 4096 |
openssl req \ |
openssl req \ |
-new \ |
-config certs/https/templates/server.cnf \ |
-key certs/https/server-key.pem \ |