#!/bin/bash
#
sed -i /etc/pki/tls/openssl.cnf
DIR='/etc/pki/CA'
openssl genrsa 1024 > $DIR/private/cakey.pem
chmod 600 $DIR/private/cakey.pem
echo "CN
HN
ZH
RHCE
RHCE
ca.b.com
" | openssl req -new -key $DIR/private/cakey.pem -out $DIR/cacert.pem -x509 -days 3655
chmod 600 $DIR/cacert.pem
mkdir $DIR/{certs,newcerts,crl}
touch $DIR/{index.txt,serial}
echo 01 > $DIR/serial
阅读(858) | 评论(0) | 转发(0) |