5 openssl genrsa -out CA.key 2048
10 openssl req -key CA.key -new -out CA.csr -subj "/C=US/ST=San Francisco/L=California/O=automotivelinux.org/CN=localhost-ca/emailAddress=agl-dev-community@lists.automotivelinux.org"
11 openssl x509 -signkey CA.key -in CA.csr -req -days 3650 -out CA.pem
15 openssl genrsa -out $1.key 2048
19 openssl req -new -key $1.key -out $1.csr -passin pass:"temp" -subj "/C=US/ST=San Francisco/L=California/O=automotivelinux.org/CN=$1/emailAddress=agl-dev-community@lists.automotivelinux.org"
20 openssl x509 -req -in $1.csr -extfile <(printf "subjectAltName=DNS:$1,DNS:localhost,IP:127.0.0.1") -CA CA.pem -CAkey CA.key -CAcreateserial -days 1460 -out $1.pem
21 openssl verify -CAfile CA.pem $1.pem
25 # Check if the CA is available, else make CA certificates
26 if [ -f "CA.key" ]; then
27 echo "Existing CA.key will be used"
29 echo "No CA.key found, will generate new key"
35 # Check if the CA.pem is available, else generate a new CA.pem
36 if [ -f "CA.pem" ]; then
37 echo "CA.pem will not be regenerated"
39 echo "No CA.pem found, will generate new CA.pem"
45 for i in Server Client;
47 if [ -f $i.key ]; then
48 echo "Existing $i.key will be used"
50 echo "No $i.key found, will generate new key"
54 echo "Generating $i.pem"