/[smecontribs]/rpms/openssl3/contribs10/Makefile.certificate
ViewVC logotype

Annotation of /rpms/openssl3/contribs10/Makefile.certificate

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (hide annotations) (download)
Wed Jan 31 17:24:54 2024 UTC (9 months, 4 weeks ago) by jpp
Branch: MAIN
CVS Tags: openssl3-3_0_7-5_el7_sme_1, HEAD
Initial import

1 jpp 1.1 UTF8 := $(shell locale -c LC_CTYPE -k | grep -q charmap.*UTF-8 && echo -utf8)
2     DAYS=365
3     KEYLEN=2048
4     TYPE=rsa:$(KEYLEN)
5     EXTRA_FLAGS=
6     ifdef SERIAL
7     EXTRA_FLAGS+=-set_serial $(SERIAL)
8     endif
9    
10     .PHONY: usage
11     .SUFFIXES: .key .csr .crt .pem
12     .PRECIOUS: %.key %.csr %.crt %.pem
13    
14     usage:
15     @echo "This makefile allows you to create:"
16     @echo " o public/private key pairs"
17     @echo " o SSL certificate signing requests (CSRs)"
18     @echo " o self-signed SSL test certificates"
19     @echo
20     @echo "To create a key pair, run \"make SOMETHING.key\"."
21     @echo "To create a CSR, run \"make SOMETHING.csr\"."
22     @echo "To create a test certificate, run \"make SOMETHING.crt\"."
23     @echo "To create a key and a test certificate in one file, run \"make SOMETHING.pem\"."
24     @echo
25     @echo "To create a key for use with Apache, run \"make genkey\"."
26     @echo "To create a CSR for use with Apache, run \"make certreq\"."
27     @echo "To create a test certificate for use with Apache, run \"make testcert\"."
28     @echo
29     @echo "To create a test certificate with serial number other than random, add SERIAL=num"
30     @echo "You can also specify key length with KEYLEN=n and expiration in days with DAYS=n"
31     @echo "Any additional options can be passed to openssl req via EXTRA_FLAGS"
32     @echo
33     @echo Examples:
34     @echo " make server.key"
35     @echo " make server.csr"
36     @echo " make server.crt"
37     @echo " make stunnel.pem"
38     @echo " make genkey"
39     @echo " make certreq"
40     @echo " make testcert"
41     @echo " make server.crt SERIAL=1"
42     @echo " make stunnel.pem EXTRA_FLAGS=-sha384"
43     @echo " make testcert DAYS=600"
44    
45     %.pem:
46     umask 77 ; \
47     PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
48     PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
49     /usr/bin/openssl req $(UTF8) -newkey $(TYPE) -keyout $$PEM1 -nodes -x509 -days $(DAYS) -out $$PEM2 $(EXTRA_FLAGS) ; \
50     cat $$PEM1 > $@ ; \
51     echo "" >> $@ ; \
52     cat $$PEM2 >> $@ ; \
53     $(RM) $$PEM1 $$PEM2
54    
55     %.key:
56     umask 77 ; \
57     /usr/bin/openssl genrsa -aes128 $(KEYLEN) > $@
58    
59     %.csr: %.key
60     umask 77 ; \
61     /usr/bin/openssl req $(UTF8) -new -key $^ -out $@
62    
63     %.crt: %.key
64     umask 77 ; \
65     /usr/bin/openssl req $(UTF8) -new -key $^ -x509 -days $(DAYS) -out $@ $(EXTRA_FLAGS)
66    
67     TLSROOT=/etc/pki/tls
68     KEY=$(TLSROOT)/private/localhost.key
69     CSR=$(TLSROOT)/certs/localhost.csr
70     CRT=$(TLSROOT)/certs/localhost.crt
71    
72     genkey: $(KEY)
73     certreq: $(CSR)
74     testcert: $(CRT)
75    
76     $(CSR): $(KEY)
77     umask 77 ; \
78     /usr/bin/openssl req $(UTF8) -new -key $(KEY) -out $(CSR)
79    
80     $(CRT): $(KEY)
81     umask 77 ; \
82     /usr/bin/openssl req $(UTF8) -new -key $(KEY) -x509 -days $(DAYS) -out $(CRT) $(EXTRA_FLAGS)

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed