--- /dev/null
+#!/bin/sh
+
+# Create necessary files to run tlsproxy in the current directory.
+#
+# Requires certtool (from GnuTLS).
+#
+# Copyright (C) 2011 Simon Ruderich
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+
+tempfile=`mktemp` || exit 1
+
+die() {
+ rm -f $tempfile
+ exit 1
+}
+
+# Generate proxy CA key file.
+certtool --generate-privkey > proxy-ca-key.pem || die
+# Generate proxy CA.
+echo 'cn = tlsproxy CA' > $tempfile
+echo ca >> $tempfile
+echo cert_signing_key >> $tempfile
+certtool --generate-self-signed \
+ --load-privkey proxy-ca-key.pem \
+ --template $tempfile \
+ --outfile proxy-ca.pem || die
+
+# Generate proxy key file.
+certtool --generate-privkey > proxy-key.pem || die
+
+# Generate proxy "invalid" server certificate. It's used for problematic
+# connections.
+echo 'organization = tlsproxy' > $tempfile
+echo 'cn = invalid' >> $tempfile
+echo tls_www_server >> $tempfile
+echo encryption_key >> $tempfile
+echo signing_key >> $tempfile
+certtool --generate-self-signed \
+ --load-privkey proxy-key.pem \
+ --template $tempfile \
+ --outfile proxy-invalid.pem || die
+
+rm $tempfile
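Review bot: Both private keys (`proxy-ca-key.pem` and `proxy-key.pem`) are created by shell redirection, so their mode is whatever the caller's umask allows, which is commonly world-readable. The CA key matters most here, because any local user who can read it can issue certificates that clients trusting this proxy CA will accept. Adding `umask 077` before the first `certtool --generate-privkey` line would create the keys and the template file private from the start, with no window that a later `chmod` would leave. Separately, `$tempfile` is unquoted in `die`, in the `echo` redirections and in `--template`; quoting it and registering `trap 'rm -f "$tempfile"' EXIT` right after `mktemp` would also remove the template when the script is interrupted.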