1# 2# Copyright (c) 2025 Dag-Erling Smørgrav <des@FreeBSD.org> 3# 4# SPDX-License-Identifier: BSD-2-Clause 5# 6 7# Generate a random name 8rand_name() { 9 local length=${1:-32} 10 11 jot -r -c -s '' ${length} A Z 12} 13 14# Generate a subject for a given name 15subject() { 16 local crtname=$1 17 18 echo "/CN=${crtname}/O=FreeBSD/OU=Test/" 19} 20 21# Generate a key 22gen_key() { 23 local keyname=$1 24 25 env -i PATH="${PATH}" OPENSSL_CONF=/dev/null \ 26 openssl genrsa -out ${keyname}.key 27} 28 29# Generate a certificate for a given name, key, and serial number 30gen_crt() { 31 local crtname=$1 32 local keyname=${2:-${crtname}} 33 local serial=${3:-1} 34 35 if ! [ -f "${keyname}".key ]; then 36 gen_key "${keyname}" 37 fi 38 env -i PATH="${PATH}" OPENSSL_CONF=/dev/null \ 39 openssl req -x509 -new \ 40 -subj="$(subject ${crtname})" \ 41 -set_serial ${serial} \ 42 -key ${keyname}.key \ 43 -out ${crtname}.crt 44} 45