00001 DIR="/opt/OpenIMSCore"
00002 DIR_NAME="PCSCF_CA"
00003
00004 cd $DIR
00005
00006 echo Creating CA certificate
00007 echo -----------------------
00008 echo 1. create CA dir
00009 mkdir $DIR_NAME
00010 cd $DIR_NAME
00011
00012 echo "2. create ca dir structure and files (see ca(1))"
00013 mkdir private
00014 mkdir newcerts
00015 touch index.txt
00016 echo 01 >serial
00017
00018 echo 2. create CA private key
00019 openssl genrsa -out private/cakey.pem 2048
00020 chmod 600 private/cakey.pem
00021
00022 echo 3. create CA self-signed certificate
00023 openssl req -out cacert.pem -x509 -new -key private/cakey.pem
00024
00025
00026 echo Creating a server/client certificate
00027 echo ------------------------------------
00028 echo "1. create a certificate request (and its private key in privkey.pem)"
00029 echo WARNING: the organization name should be the same as in the ca certificate.
00030 openssl req -out pcscf_cert_req.pem -new -nodes
00031 cp privkey.pem pcscf_private_key.pem
00032
00033
00034 echo 2. sign it with the ca certificate
00035 mkdir demoCA
00036 touch demoCA/index.txt
00037 cp serial demoCA/serial
00038 openssl ca -cert cacert.pem -keyfile private/cakey.pem -outdir . -in pcscf_cert_req.pem -out pcscf_cert.pem
00039 cat demoCA/index.txt >>index.txt
00040 rm -rf demoCA
00041
00042 echo Setting ser to use the certificate
00043 echo ----------------------------------
00044 echo 1. create the ca list file:
00045 echo for each of your ca certificates that you intend to use do:
00046 cat cacert.pem >>pcscf_ca_list.pem
00047
00048
