1 rem set ssleay=..\out\ssleay
\r
4 set reqcmd=%ssleay% req
\r
5 set x509cmd=%ssleay% x509
\r
6 set verifycmd=%ssleay% verify
\r
8 set CAkey=\OpenSSL\keyCA.ss
\r
9 set CAcert=\OpenSSL\certCA.ss
\r
10 set CAserial=\OpenSSL\certCA.srl
\r
11 set CAreq=\OpenSSL\reqCA.ss
\r
12 cecopy ..\test\CAss.cnf CE:\OpenSSL
\r
13 set CAconf=\OpenSSL\CAss.cnf
\r
14 set CAreq2=\OpenSSL\req2CA.ss
\r
16 cecopy ..\test\Uss.cnf CE:\OpenSSL
\r
17 set Uconf=\OpenSSL\Uss.cnf
\r
18 set Ukey=\OpenSSL\keyU.ss
\r
19 set Ureq=\OpenSSL\reqU.ss
\r
20 set Ucert=\OpenSSL\certU.ss
\r
22 echo make a certificate request using 'req'
\r
23 cerun CE:\OpenSSL\%reqcmd% -config %CAconf% -out %CAreq% -keyout %CAkey% -new
\r
24 if errorlevel 1 goto e_req
\r
26 echo convert the certificate request into a self signed certificate using 'x509'
\r
27 cerun CE:\OpenSSL\%x509cmd% -CAcreateserial -in %CAreq% -days 30 -req -out %CAcert% -signkey %CAkey% "> \OpenSSL\err.ss"
\r
28 if errorlevel 1 goto e_x509
\r
31 echo convert a certificate into a certificate request using 'x509'
\r
32 cerun CE:\OpenSSL\%x509cmd% -in %CAcert% -x509toreq -signkey %CAkey% -out %CAreq2% "> \OpenSSL\err.ss"
\r
33 if errorlevel 1 goto e_x509_2
\r
35 cerun CE:\OpenSSL\%reqcmd% -verify -in %CAreq% -noout
\r
36 if errorlevel 1 goto e_vrfy_1
\r
38 cerun CE:\OpenSSL\%reqcmd% -verify -in %CAreq2% -noout
\r
39 if errorlevel 1 goto e_vrfy_2
\r
41 cerun CE:\OpenSSL\%verifycmd% -CAfile %CAcert% %CAcert%
\r
42 if errorlevel 1 goto e_vrfy_3
\r
45 echo make another certificate request using 'req'
\r
46 cerun CE:\OpenSSL\%reqcmd% -config %Uconf% -out %Ureq% -keyout %Ukey% -new "> \OpenSSL\err.ss"
\r
47 if errorlevel 1 goto e_req_gen
\r
50 echo sign certificate request with the just created CA via 'x509'
\r
51 cerun CE:\OpenSSL\%x509cmd% -CAcreateserial -in %Ureq% -days 30 -req -out %Ucert% -CA %CAcert% -CAkey %CAkey% -CAserial %CAserial%
\r
52 if errorlevel 1 goto e_x_sign
\r
54 cerun CE:\OpenSSL\%verifycmd% -CAfile %CAcert% %Ucert%
\r
56 echo Certificate details
\r
57 cerun CE:\OpenSSL\%x509cmd% -subject -issuer -startdate -enddate -noout -in %Ucert%
\r
59 cecopy CE:%CAcert% .
\r
61 cecopy CE:%CAserial% .
\r
65 echo Everything appeared to work
\r
67 echo The generated CA certificate is %CAcert%
\r
68 echo The generated CA private key is %CAkey%
\r
69 echo The current CA signing serial number is in %CAserial%
\r
71 echo The generated user certificate is %Ucert%
\r
72 echo The generated user private key is %Ukey%
\r
75 cedel CE:\OpenSSL\err.ss
\r
80 echo error using 'req' to generate a certificate request
\r
83 echo error using 'x509' to self sign a certificate request
\r
86 echo error using 'x509' convert a certificate to a certificate request
\r
89 echo first generated request is invalid
\r
92 echo second generated request is invalid
\r
95 echo first generated cert is invalid
\r
98 echo error using 'req' to generate a certificate request
\r
101 echo error using 'x509' to sign a certificate request
\r