Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Automatic X509 library. Standalone, but part of the Nimbus project.
Java Shell
Branch: master

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.
bin
etc
lib
src/org/nimbustools/auto_common
.gitignore
README
build.properties
build.xml

README

Passwordless/scriptable X509 CA library

------------------------------------------------------------------------------
** This should only be used for test situations **

    http://github.com/nimbusproject/nimbus_ezpz_ca

    http://www.apache.org/licenses/LICENSE-2.0
    Copyright 2010 University of Chicago

    This library is used from scripts or Java.  Example invocations can be
    found in the bin directory, the "autocontainer/bin" Nimbus directory, and
    the "web/src/python/nimbusweb/setup/autoca.py" Nimbus file.
------------------------------------------------------------------------------

Prerequisites: Java 1.5+, Ant 1.6+

Build: ant dist

Usage example of the bin/ samples:

# Create CA cert/key

CA_BASENAME=testca
mkdir /tmp/ezpz_test
./bin/create-ca.sh /tmp/ezpz_test $CA_BASENAME


# Create a trusted certificate directory with expected file names

mkdir /tmp/ezpz_test/trusted-certs
CA_HASH=`openssl x509 -hash -noout -in /tmp/ezpz_test/$CA_BASENAME.0`
CA_PUB="/tmp/ezpz_test/trusted-certs/$CA_HASH.0"
CA_SP="/tmp/ezpz_test/trusted-certs/$CA_HASH.signing_policy"
cp /tmp/ezpz_test/$CA_BASENAME.0 $CA_PUB
cp /tmp/ezpz_test/$CA_BASENAME.signing_policy $CA_SP


# Create a cert

CA_PRIV=/tmp/ezpz_test/private-key-$CA_BASENAME.pem
HOSTNAME=example.com
mkdir /tmp/ezpz_test/hostcertdir
./bin/create-cert.sh /tmp/ezpz_test/hostcertdir $HOSTNAME hostcert.pem hostkey.pem $CA_PUB $CA_PRIV


# Create a JKS keystore for the host cert

HOSTCERT=/tmp/ezpz_test/hostcertdir/hostcert.pem
HOSTKEY=/tmp/ezpz_test/hostcertdir/hostkey.pem
JKS_TO_CREATE=/tmp/ezpz_test/hostcertdir/hostcert.jks
JKS_PASSWORD="3con12oij32d"

./bin/create-jks.sh $HOSTCERT $HOSTKEY $JKS_TO_CREATE $JKS_PASSWORD

Something went wrong with that request. Please try again.