diff options
Diffstat (limited to 'genkeys.sh')
| -rwxr-xr-x | genkeys.sh | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/genkeys.sh b/genkeys.sh new file mode 100755 index 00000000..bff69da9 --- /dev/null +++ b/genkeys.sh @@ -0,0 +1,36 @@ +#!/bin/bash + +set -xe + +cd $(dirname $0) + +mkdir -p pki +cd pki + +if [ ! -f garage-ca.key ]; then + echo "Generating Garage CA keys..." + openssl genrsa -out garage-ca.key 4096 + openssl req -x509 -new -key garage-ca.key -subj "/C=FR/O=Garage" -days 3650 -out garage-ca.crt +fi + +if [ ! -f garage.key ]; then + echo "Generating Garage agent keys..." + openssl genrsa -out garage.key 4096 + openssl req -new -sha256 -key garage.key -subj "/C=FR/O=Garage/CN=*" -out garage.csr + openssl req -in garage.csr -noout -text + openssl x509 -req -in garage.csr \ + -CA garage-ca.crt -CAkey garage-ca.key -CAcreateserial \ + -out garage.crt -days 365 -sha256 + rm garage.csr +fi + +if [ ! -f garage-client.key ]; then + echo "Generating Garage client key..." + openssl genrsa -out garage-client.key 4096 + openssl req -new -sha256 -key garage-client.key -subj "/C=FR/O=Garage" -out garage-client.csr + openssl req -in garage-client.csr -noout -text + openssl x509 -req -in garage-client.csr \ + -CA garage-ca.crt -CAkey garage-ca.key -CAcreateserial \ + -out garage-client.crt -days 365 -sha256 + rm garage-client.csr +fi |