-
Notifications
You must be signed in to change notification settings - Fork 0
/
generate_certs.sh
31 lines (28 loc) · 934 Bytes
/
generate_certs.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
#!/bin/bash
# Script that generates keys based on config.json
num_clients="$(jq '.clients | length' config.json)"
echo "Generating Certificate Authority"
# First Generate Certificate Authority
cd certs
cfssl gencert -initca ca-csr.json | cfssljson -bare ca
# Now generate the client certs
# We need to generate a server and client cert for each user
echo "Generating Client Certs"
for i in $(seq 0 $(($num_clients - 1)));
do
echo "Client: " $i
client_name="client"$i
# Generating the Temporary CSR for this client
jq ".CN = \"$client_name\"" base-csr.json > $client_name.tmp.json
address_quotes=$(jq ".clients[$i].address" ../config.json)
address=$(echo "$address_quotes" | tr -d '"')
echo $address
# Generate Client Cert
cfssl gencert \
-ca=ca.pem \
-ca-key=ca-key.pem \
-config=ca-config.json \
-profile=massl \
-hostname $address \
$client_name.tmp.json | cfssljson -bare client$i
done