summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--etc/email.conf31
-rwxr-xr-xwebsite-run-through69
2 files changed, 0 insertions, 100 deletions
diff --git a/etc/email.conf b/etc/email.conf
deleted file mode 100644
index ea26c58..0000000
--- a/etc/email.conf
+++ /dev/null
@@ -1,31 +0,0 @@
-# Email certificate request
-
-# This file is used by the openssl req command. Since we cannot know the DN in
-# advance the user is prompted for DN information.
-
-[ req ]
-default_bits = 2048 # RSA key size
-encrypt_key = yes # Protect private key
-default_md = sha1 # MD to use
-utf8 = yes # Input is UTF-8
-string_mask = utf8only # Emit UTF-8 strings
-prompt = yes # Prompt for DN
-distinguished_name = email_dn # DN template
-req_extensions = email_reqext # Desired extensions
-
-[ email_dn ]
-0.domainComponent = "1. Domain Component (eg, com) "
-1.domainComponent = "2. Domain Component (eg, company) "
-2.domainComponent = "3. Domain Component (eg, pki) "
-organizationName = "4. Organization Name (eg, company) "
-organizationalUnitName = "5. Organizational Unit Name (eg, section) "
-commonName = "6. Common Name (eg, full name)"
-commonName_max = 64
-emailAddress = "7. Email Address (eg, name@fqdn)"
-emailAddress_max = 40
-
-[ email_reqext ]
-keyUsage = critical,digitalSignature,keyEncipherment
-extendedKeyUsage = emailProtection,clientAuth
-subjectKeyIdentifier = hash
-subjectAltName = email:move
diff --git a/website-run-through b/website-run-through
deleted file mode 100755
index 324619b..0000000
--- a/website-run-through
+++ /dev/null
@@ -1,69 +0,0 @@
-#!/bin/bash
-
-set -e
-
-rm -rf --one-file-system ca certs
-
-mkdir -p ca/root-ca/private ca/root-ca/db crl certs
-chmod 700 ca/root-ca/private
-
-cp /dev/null ca/root-ca/db/root-ca.db
-cp /dev/null ca/root-ca/db/root-ca.db.attr
-echo 01 > ca/root-ca/db/root-ca.crt.srl
-echo 01 > ca/root-ca/db/root-ca.crl.srl
-
-CA=root-ca openssl req -new \
- -config etc/ca-ssl.conf \
- -out ca/root-ca.csr \
- -keyout ca/root-ca/private/root-ca.key
-
-CA=root-ca openssl ca -batch -name root_ca -selfsign \
- -config etc/ca-ssl.conf \
- -in ca/root-ca.csr \
- -out ca/root-ca.crt \
- -extensions root_ca_ext
-
-mkdir -p ca/signing-ca/private ca/signing-ca/db crl certs
-chmod 700 ca/signing-ca/private
-
-cp /dev/null ca/signing-ca/db/signing-ca.db
-cp /dev/null ca/signing-ca/db/signing-ca.db.attr
-echo 01 > ca/signing-ca/db/signing-ca.crt.srl
-echo 01 > ca/signing-ca/db/signing-ca.crl.srl
-
-CA=signing-ca openssl req -new \
- -config etc/ca-ssl.conf \
- -out ca/signing-ca.csr \
- -keyout ca/signing-ca/private/signing-ca.key
-
-CA=root-ca openssl ca -batch -name root_ca \
- -config etc/ca-ssl.conf \
- -in ca/signing-ca.csr \
- -out ca/signing-ca.crt \
- -extensions signing_ca_ext
-
-SAN=DNS:test.local \
-CN=test.local \
-openssl req -new \
- -config etc/server-ssl.conf \
- -out /tmp/nginx.csr \
- -keyout /tmp/nginx.key
-
-CA=signing-ca openssl ca -batch -name signing_ca \
- -config etc/ca-ssl.conf \
- -in /tmp/nginx.csr \
- -out /tmp/nginx.crt \
- -extensions server_ext
-
-cat /tmp/nginx.crt ca/signing-ca.crt ca/root-ca.crt > /tmp/nginx.chain
-
-sudo systemctl restart nginx
-
-curl -Ss https://test.local --cacert ca/root-ca.crt
-
-exit 0
-
-openssl ca \
- -config etc/ca-ssl.conf \
- -revoke ca/signing-ca/01.pem \
- -crl_reason superseded