From aec94b681c69eb429fcfa5050602608d8cfcdb86 Mon Sep 17 00:00:00 2001
From: Jacek Kowalski <Jacek@jacekk.info>
Date: Mon, 16 Mar 2020 23:20:08 +0000
Subject: [PATCH] Create the CA as self-signed certs no longer work

---
 install.sh |   25 ++++++++++++++-----------
 1 files changed, 14 insertions(+), 11 deletions(-)

diff --git a/install.sh b/install.sh
index 8d3179a..2db81b0 100755
--- a/install.sh
+++ b/install.sh
@@ -1,16 +1,19 @@
 #!/bin/bash
 
-sudo add-apt-repository -y ppa:cwchien/gradle
-sudo apt-get update
-sudo apt-get -y install gradle-ppa openjdk-7-jdk openssl stunnel
+set -e
 
-sudo update-java-alternatives -s java-1.7.0-openjdk-amd64
-sudo rm /usr/lib/jvm/default-java
+function genAndSign() {
+	local cn=$1
+	local file=$2
+	openssl genrsa -out "/tmp/${file}.key" 2048
+	openssl req -new -key "/tmp/${file}.key" -out "/tmp/${file}.csr" -subj "/CN=${cn}/"
+	openssl x509 -req -in "/tmp/${file}.csr" -out "/tmp/${file}.crt" \
+		-CA /tmp/ca.crt -CAkey /tmp/ca.key -CAcreateserial
+	cat "/tmp/${file}.crt" "/tmp/${file}.key" > "/tmp/${file}.pem"
+}
 
-openssl genrsa -out /tmp/correct.key 1024
-openssl req -new -key /tmp/correct.key -out /tmp/correct.crt -subj '/CN=127.0.0.1/' -x509
-cat /tmp/correct.crt /tmp/correct.key > /tmp/correct.pem
+openssl genrsa -out /tmp/ca.key 2048
+openssl req -new -key /tmp/ca.key -out /tmp/ca.crt -subj '/CN=Test CA/' -x509
 
-openssl genrsa -out /tmp/wrongcn.key 1024
-openssl req -new -key /tmp/wrongcn.key -out /tmp/wrongcn.crt -subj '/CN=127.0.0.2/' -x509
-cat /tmp/wrongcn.crt /tmp/wrongcn.key > /tmp/wrongcn.pem 
+genAndSign "127.0.0.1" "correct"
+genAndSign "127.0.0.2" "wrongcn"

--
Gitblit v1.9.1