3 # Create necessary files to run tlsproxy in the current directory.
5 # Requires certtool (from GnuTLS).
7 # Copyright (C) 2011-2013 Simon Ruderich
9 # This program is free software: you can redistribute it and/or modify
10 # it under the terms of the GNU General Public License as published by
11 # the Free Software Foundation, either version 3 of the License, or
12 # (at your option) any later version.
14 # This program is distributed in the hope that it will be useful,
15 # but WITHOUT ANY WARRANTY; without even the implied warranty of
16 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 # GNU General Public License for more details.
19 # You should have received a copy of the GNU General Public License
20 # along with this program. If not, see <http://www.gnu.org/licenses/>.
26 trap 'rm -f "$tempfile"' EXIT
28 # Generate proxy CA key file.
29 certtool --generate-privkey \
30 --outfile proxy-ca-key.pem
32 echo 'cn = tlsproxy CA' > "$tempfile"
33 echo ca >> "$tempfile"
34 echo cert_signing_key >> "$tempfile"
35 echo 'expiration_days = 3650' >> "$tempfile"
36 certtool --generate-self-signed \
37 --load-privkey proxy-ca-key.pem \
38 --template "$tempfile" \
39 --outfile proxy-ca.pem
41 # Generate proxy key file.
42 certtool --generate-privkey \
43 --outfile proxy-key.pem
45 # Generate proxy "invalid" server certificate. It's used for problematic
47 echo 'organization = tlsproxy' > "$tempfile"
48 echo 'cn = invalid' >> "$tempfile"
49 echo tls_www_server >> "$tempfile"
50 echo encryption_key >> "$tempfile"
51 echo signing_key >> "$tempfile"
52 echo 'expiration_days = 3650' >> "$tempfile"
53 certtool --generate-self-signed \
54 --load-privkey proxy-key.pem \
55 --template "$tempfile" \
56 --outfile proxy-invalid.pem
ruderich.org/simon / tlsproxy / tlsproxy.git / blob