3 # Create necessary files to run tlsproxy in the current directory.
5 # Requires certtool (from GnuTLS).
7 # Copyright (C) 2011-2012 Simon Ruderich
9 # This program is free software: you can redistribute it and/or modify
10 # it under the terms of the GNU General Public License as published by
11 # the Free Software Foundation, either version 3 of the License, or
12 # (at your option) any later version.
14 # This program is distributed in the hope that it will be useful,
15 # but WITHOUT ANY WARRANTY; without even the implied warranty of
16 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 # GNU General Public License for more details.
19 # You should have received a copy of the GNU General Public License
20 # along with this program. If not, see <http://www.gnu.org/licenses/>.
23 tempfile=`mktemp` || exit 1
30 # Generate proxy CA key file.
31 certtool --generate-privkey > proxy-ca-key.pem || die
33 echo 'cn = tlsproxy CA' > "$tempfile"
34 echo ca >> "$tempfile"
35 echo cert_signing_key >> "$tempfile"
36 certtool --generate-self-signed \
37 --load-privkey proxy-ca-key.pem \
38 --template "$tempfile" \
39 --outfile proxy-ca.pem || die
41 # Generate proxy key file.
42 certtool --generate-privkey > proxy-key.pem || die
44 # Generate proxy "invalid" server certificate. It's used for problematic
46 echo 'organization = tlsproxy' > "$tempfile"
47 echo 'cn = invalid' >> "$tempfile"
48 echo tls_www_server >> "$tempfile"
49 echo encryption_key >> "$tempfile"
50 echo signing_key >> "$tempfile"
51 certtool --generate-self-signed \
52 --load-privkey proxy-key.pem \
53 --template "$tempfile" \
54 --outfile proxy-invalid.pem || die
ruderich.org/simon / tlsproxy / tlsproxy.git / blob