/[smecontribs]/rpms/openssl3/contribs10/Makefile.certificate
ViewVC logotype

Contents of /rpms/openssl3/contribs10/Makefile.certificate

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (show annotations) (download)
Wed Jan 31 17:24:54 2024 UTC (9 months, 3 weeks ago) by jpp
Branch: MAIN
CVS Tags: openssl3-3_0_7-5_el7_sme_1, HEAD
Initial import

1 UTF8 := $(shell locale -c LC_CTYPE -k | grep -q charmap.*UTF-8 && echo -utf8)
2 DAYS=365
3 KEYLEN=2048
4 TYPE=rsa:$(KEYLEN)
5 EXTRA_FLAGS=
6 ifdef SERIAL
7 EXTRA_FLAGS+=-set_serial $(SERIAL)
8 endif
9
10 .PHONY: usage
11 .SUFFIXES: .key .csr .crt .pem
12 .PRECIOUS: %.key %.csr %.crt %.pem
13
14 usage:
15 @echo "This makefile allows you to create:"
16 @echo " o public/private key pairs"
17 @echo " o SSL certificate signing requests (CSRs)"
18 @echo " o self-signed SSL test certificates"
19 @echo
20 @echo "To create a key pair, run \"make SOMETHING.key\"."
21 @echo "To create a CSR, run \"make SOMETHING.csr\"."
22 @echo "To create a test certificate, run \"make SOMETHING.crt\"."
23 @echo "To create a key and a test certificate in one file, run \"make SOMETHING.pem\"."
24 @echo
25 @echo "To create a key for use with Apache, run \"make genkey\"."
26 @echo "To create a CSR for use with Apache, run \"make certreq\"."
27 @echo "To create a test certificate for use with Apache, run \"make testcert\"."
28 @echo
29 @echo "To create a test certificate with serial number other than random, add SERIAL=num"
30 @echo "You can also specify key length with KEYLEN=n and expiration in days with DAYS=n"
31 @echo "Any additional options can be passed to openssl req via EXTRA_FLAGS"
32 @echo
33 @echo Examples:
34 @echo " make server.key"
35 @echo " make server.csr"
36 @echo " make server.crt"
37 @echo " make stunnel.pem"
38 @echo " make genkey"
39 @echo " make certreq"
40 @echo " make testcert"
41 @echo " make server.crt SERIAL=1"
42 @echo " make stunnel.pem EXTRA_FLAGS=-sha384"
43 @echo " make testcert DAYS=600"
44
45 %.pem:
46 umask 77 ; \
47 PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
48 PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
49 /usr/bin/openssl req $(UTF8) -newkey $(TYPE) -keyout $$PEM1 -nodes -x509 -days $(DAYS) -out $$PEM2 $(EXTRA_FLAGS) ; \
50 cat $$PEM1 > $@ ; \
51 echo "" >> $@ ; \
52 cat $$PEM2 >> $@ ; \
53 $(RM) $$PEM1 $$PEM2
54
55 %.key:
56 umask 77 ; \
57 /usr/bin/openssl genrsa -aes128 $(KEYLEN) > $@
58
59 %.csr: %.key
60 umask 77 ; \
61 /usr/bin/openssl req $(UTF8) -new -key $^ -out $@
62
63 %.crt: %.key
64 umask 77 ; \
65 /usr/bin/openssl req $(UTF8) -new -key $^ -x509 -days $(DAYS) -out $@ $(EXTRA_FLAGS)
66
67 TLSROOT=/etc/pki/tls
68 KEY=$(TLSROOT)/private/localhost.key
69 CSR=$(TLSROOT)/certs/localhost.csr
70 CRT=$(TLSROOT)/certs/localhost.crt
71
72 genkey: $(KEY)
73 certreq: $(CSR)
74 testcert: $(CRT)
75
76 $(CSR): $(KEY)
77 umask 77 ; \
78 /usr/bin/openssl req $(UTF8) -new -key $(KEY) -out $(CSR)
79
80 $(CRT): $(KEY)
81 umask 77 ; \
82 /usr/bin/openssl req $(UTF8) -new -key $(KEY) -x509 -days $(DAYS) -out $(CRT) $(EXTRA_FLAGS)

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed