/[smeserver]/rpms/openssl/sme8/Makefile.certificate
ViewVC logotype

Contents of /rpms/openssl/sme8/Makefile.certificate

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (show annotations) (download)
Tue Feb 18 03:03:06 2014 UTC (10 years, 8 months ago) by wellsi
Branch: MAIN
CVS Tags: openssl-0_9_8e-28_el5_sme, openssl-0_9_8e-33_1_el5_sme, openssl-0_9_8e-32_1_el5_sme, openssl-0_9_8e-27_1_el5_sme, openssl-0_9_8e-27_el5_10_1, openssl-0_9_8e-31_1_el5_sme, HEAD
Branch point for: upstream
Initial import

1 UTF8 := $(shell locale -c LC_CTYPE -k | grep -q charmap.*UTF-8 && echo -utf8)
2 SERIAL=0
3 PRIVATE_KEY_BITS=2048
4
5 .PHONY: usage
6 .SUFFIXES: .key .csr .crt .pem
7 .PRECIOUS: %.key %.csr %.crt %.pem
8
9 usage:
10 @echo "This makefile allows you to create:"
11 @echo " o public/private key pairs"
12 @echo " o SSL certificate signing requests (CSRs)"
13 @echo " o self-signed SSL test certificates"
14 @echo
15 @echo "To create a key pair, run \"make SOMETHING.key\"."
16 @echo "To create a CSR, run \"make SOMETHING.csr\"."
17 @echo "To create a test certificate, run \"make SOMETHING.crt\"."
18 @echo "To create a key and a test certificate in one file, run \"make SOMETHING.pem\"."
19 @echo
20 @echo "To create a key for use with Apache, run \"make genkey\"."
21 @echo "To create a CSR for use with Apache, run \"make certreq\"."
22 @echo "To create a test certificate for use with Apache, run \"make testcert\"."
23 @echo
24 @echo "To create a test certificate with serial number other than zero, add SERIAL=num"
25 @echo
26 @echo Examples:
27 @echo " make server.key"
28 @echo " make server.csr"
29 @echo " make server.crt"
30 @echo " make stunnel.pem"
31 @echo " make genkey"
32 @echo " make certreq"
33 @echo " make testcert"
34 @echo " make server.crt SERIAL=1"
35 @echo " make stunnel.pem SERIAL=2"
36 @echo " make testcert SERIAL=3"
37
38 %.pem:
39 umask 77 ; \
40 PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
41 PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
42 /usr/bin/openssl req $(UTF8) -newkey rsa:$(PRIVATE_KEY_BITS) -keyout $$PEM1 -nodes -x509 -days 365 -out $$PEM2 -set_serial $(SERIAL) ; \
43 cat $$PEM1 > $@ ; \
44 echo "" >> $@ ; \
45 cat $$PEM2 >> $@ ; \
46 $(RM) $$PEM1 $$PEM2
47
48 %.key:
49 umask 77 ; \
50 /usr/bin/openssl genrsa -des3 $(PRIVATE_KEY_BITS) > $@
51
52 %.csr: %.key
53 umask 77 ; \
54 /usr/bin/openssl req $(UTF8) -new -key $^ -out $@
55
56 %.crt: %.key
57 umask 77 ; \
58 /usr/bin/openssl req $(UTF8) -new -key $^ -x509 -days 365 -out $@ -set_serial $(SERIAL)
59
60 TLSROOT=/etc/pki/tls
61 KEY=$(TLSROOT)/private/localhost.key
62 CSR=$(TLSROOT)/certs/localhost.csr
63 CRT=$(TLSROOT)/certs/localhost.crt
64
65 genkey: $(KEY)
66 certreq: $(CSR)
67 testcert: $(CRT)
68
69 $(CSR): $(KEY)
70 umask 77 ; \
71 /usr/bin/openssl req $(UTF8) -new -key $(KEY) -out $(CSR)
72
73 $(CRT): $(KEY)
74 umask 77 ; \
75 /usr/bin/openssl req $(UTF8) -new -key $(KEY) -x509 -days 365 -out $(CRT) -set_serial $(SERIAL)

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed