====== constance ======

Machine virtuelle sous Debian 8

Administrateurs :

  * alarig
  * gizmo
  * dotux

VM dédiée à la CA de Grifon.
Les certificats générés sont dans /etc/ssl/local_ca

<file>
#!/usr/bin/env sh

if [ $# != 1 ]; then
    echo "Paramètre manquant\n"
    echo "$0 service_name \n"
    exit 1
fi

CLIENT_SERVICE=$1
LOCAL_CA="/etc/ssl/local_ca/"
LOCAL_FOLDER="${LOCAL_CA}clients"
FULL_PATH="${LOCAL_FOLDER}/${CLIENT_SERVICE}"

echo "Gen service private key for ${CLIENT_SERVICE}"
openssl genrsa -out ${FULL_PATH}.key 4096

echo "Create service csr for ${CLIENT_SERVICE}"
openssl req -new -key ${FULL_PATH}.key -out ${FULL_PATH}.csr -subj "/C=FR/ST=Bretagne/L=Rennes/O=grifon.fr/CN=${CLIENT_SERVICE}.grifon.fr"

echo "Create service crt ${CLIENT_SERVICE}"
openssl x509 -days 365 -req -sha512 -in ${FULL_PATH}.csr -out ${FULL_PATH}.crt -CA ${LOCAL_CA}CAroot.crt -CAkey ${LOCAL_CA}CAroot.key -CAcreateserial -CAserial ${LOCAL_CA}CAroot.srl
</file>