heuzef
/
lesspass
Mirror von https://github.com/lesspass/lesspass.git
1
0
Fork 0
Code Issues 0 Releases 67 Wiki Aktivität
Du kannst nicht mehr als 25 Themen auswählen Themen müssen entweder mit einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.
2307 Commits
17 Branches
254 MiB
 
 
 
 
 
 
Struktur: 7bbec8bc96
Branches Tags
${ item.name }
Erstelle Branch ${ searchTerm }
von „7bbec8bc96“
${ noResults }
lesspass/containers/ssl/create_ca_and_ee.sh

19 Zeilen
1.1 KiB
Originalformat Blame Verlauf 

  1. #!/usr/bin/env bash

  2. # This script will create a custom Certificate Authority (CA) and End Entity (EE) certificates.

  3. #

  4. # for local development this should be fine and you can ignore certificate trust errors related to

  5. # an untrusted root. For public facing access, you can submit the generated lesspass.csr to a trusted

  6. # ca so that they can provide you with a trusted certificate to replace this development certificate.

  7. 

  8. CA_CRT_SUBJ="${CA_CRT_SUBJ:-/C=US/CN=Root-CA}"

  9. CA_KEY_TYPE="${CA_KEY_TYPE:-rsa:2048}"

  10. EE_CRT_SUBJ="${EE_CRT_SUBJ:-/C=FR/ST=Gironde/L=Bordeaux/O=LessPass/CN=lesspass.local}"

  11. EE_KEY_TYPE="${EE_KEY_TYPE:-${CA_KEY_TYPE}}"

  12. 

  13. openssl req -x509 -nodes -new -sha256 -days 1024 -newkey "$CA_KEY_TYPE" -keyout RootCA.key -out RootCA.pem -subj "$CA_CRT_SUBJ"

  14. openssl x509 -outform pem -in RootCA.pem -out RootCA.crt

  15. openssl req -new -nodes -newkey "$EE_KEY_TYPE" -keyout lesspass.key -out lesspass.csr -subj "$EE_CRT_SUBJ"

  16. openssl x509 -req -sha256 -days 1024 -in lesspass.csr -CA RootCA.pem -CAkey RootCA.key -CAcreateserial -extfile domains.ext -out lesspass.crt

  17. 

  18. openssl verify -verbose -CAfile RootCA.crt RootCA.crt lesspass.crt