Permalink
Browse files

The code that makes the things

  • Loading branch information...
1 parent 55974f8 commit ed885525f9ba63ea1c3d0780f870514cbe704eea @isaacs committed Sep 23, 2011
Showing with 106 additions and 0 deletions.
  1. +1 −0 .gitignore
  2. +66 −0 Makefile
  3. +20 −0 ca.cnf
  4. +19 −0 server.cnf
View
@@ -0,0 +1 @@
+.attic
View
@@ -0,0 +1,66 @@
+
+all: ca.crl server.key server.crt
+
+clean:
+ attic=.attic/$(shell date -u +'%Y-%M-%d-%H-%m-%S'); \
+ mkdir -p $$attic;\
+ mv server.key $$attic;\
+ mv server.crt $$attic;\
+ mv server.csr $$attic;\
+ mv ca.key $$attic;\
+ mv ca.crt $$attic;\
+ mv ca.srl $$attic;\
+ mv ca.csr $$attic
+
+# nothing to revoke, yet
+ca.crl:
+ touch ca.crl
+
+ca.key: ca.cnf
+ openssl req -new -x509 -days 3650 -config ca.cnf -keyout ca.key -out ca.crt
+
+ca.csr: ca.cnf ca.key
+ openssl req -new -config ca.cnf -key ca.key -out ca.csr -passin "pass:password"
+
+ca.crt: ca.cnf ca.csr
+ openssl x509 -req \
+ -days 3650 \
+ -in ca.csr \
+ -signkey ca.key \
+ -out ca.crt \
+ -passin "pass:password"
+
+server.key:
+ openssl genrsa -out server.key
+
+server.csr: server.cnf server.key
+ openssl req -new -config server.cnf -key server.key -out server.csr
+
+
+server.crt: server.csr ca.crt ca.key
+ openssl x509 -req \
+ -days 3650 \
+ -in server.csr \
+ -passin "pass:password" \
+ -CA ca.crt \
+ -CAkey ca.key \
+ -CAcreateserial \
+ -out server.crt
+
+test: server.crt ca.crt
+ @openssl verify \
+ -CAfile ca.crt \
+ -policy_check \
+ -x509_strict \
+ -check_ss_sig \
+ server.crt &&\
+ openssl verify \
+ -CAfile ca.crt \
+ -issuer_checks \
+ -policy_check \
+ -x509_strict \
+ -check_ss_sig \
+ ca.crt &&\
+ node server.js
+
+.PHONY: all test
View
20 ca.cnf
@@ -0,0 +1,20 @@
+[ req ]
+default_bits = 1024
+days = 3650
+distinguished_name = req_distinguished_name
+attributes = req_attributes
+prompt = no
+output_password = password
+
+[ req_distinguished_name ]
+C = US
+ST = CA
+L = Oakland
+O = npm
+OU = npm Certificate Authority
+CN = npmCA
+emailAddress = i@izs.me
+
+[ req_attributes ]
+challengePassword = password challenge
+
View
@@ -0,0 +1,19 @@
+[ req ]
+default_bits = 1024
+days = 3650
+distinguished_name = req_distinguished_name
+attributes = req_attributes
+prompt = no
+
+[ req_distinguished_name ]
+C = US
+ST = CA
+L = Oakland
+O = npm
+OU = registry
+CN = registry.npmjs.org
+emailAddress = i@izs.me
+
+[ req_attributes ]
+challengePassword = password challenge
+

0 comments on commit ed88552

Please sign in to comment.