assignment 3 enunciado

assignment2/ca/create_all_keys.sh

@@ -0,0 +1,22 @@
+#!/bin/bash
+
+cert_ca="/C=PT/ST=Coimbra/L=Coimbra/O=UC/CN=CoimbraVPN"
+cert_vpn="/C=PT/ST=Coimbra/L=Coimbra/O=UC/CN=gateway"
+cert_user="/C=PT/ST=Coimbra/L=Coimbra/O=UC/CN=warrior"
+cert_apache="/C=PT/ST=Coimbra/L=Coimbra/O=UC/CN=apache.coimbra"
+
+[[ -e "serial" ]]       || echo 1000 > serial
+[[ -e "index.txt" ]]    || touch index.txt
+[[ -e "ca.key" ]]       || openssl genrsa -out "ca.key" 2048
+[[ -e "ca.crt" ]]       || openssl req -x509 -nodes -days 365 -key "ca.key" -out "ca.crt" -subj "$cert_ca"
+[[ -e "vpn.key" ]]      || openssl genrsa -out "vpn.key" 2048
+[[ -e "vpn.csr" ]]      || openssl req -new -key "vpn.key" -out "vpn.csr" -subj "$cert_vpn"
+[[ -e "vpn.crt" ]] 	    || openssl ca -batch -in "vpn.csr" -cert "ca.crt" -keyfile "ca.key" -out "vpn.crt" -config cheese.cfg
+[[ -e "dh2048.pem" ]]   || openssl dhparam -out "dh2048.pem" 2048
+[[ -e "ta.key" ]]       || openvpn --genkey secret "ta.key"
+[[ -e "user.key" ]]     || openssl genrsa -out user.key
+[[ -e "user.csr" ]]     || openssl req -new -key user.key -out user.csr -subj "$cert_user"
+[[ -e "user.crt" ]] 	|| openssl ca -batch -in "user.csr" -cert "ca.crt" -keyfile "ca.key" -out "user.crt" -config cheese.cfg
+[[ -e "apache.key" ]]   || openssl genrsa -out apache.key
+[[ -e "apache.csr" ]]   || openssl req -new -key apache.key -out apache.csr -subj "$cert_apache" -addext "subjectAltName = IP:10.60.0.1,DNS:apache"
+[[ -e "apache.crt" ]] 	|| openssl ca -batch -in "apache.csr" -cert "ca.crt" -keyfile "ca.key" -out "apache.crt" -config cheese.cfg