cat <<EOF > $CA_DIR/${catype}.namespaces
# Namespace for the $(echo "$subject_name" | sed -e 's#^.*/CN=##')
-TO Issuer "${subject_name:9} \\"
+TO Issuer "${subject_name:9}" \
PERMIT Subject "$(echo "${subject_name:9}" | sed -e 's#/CN=.*$##')/*"
EOF
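Review bot: The trailing `\` on the new `TO Issuer` line sits inside an unquoted here-document (`<<EOF`), where backslash-newline is a line continuation, so the shell drops both characters and joins this line with the `PERMIT Subject` line. The generated `.namespaces` file therefore gets one long line with no backslash in it. If the namespaces parser expects the literal continuation character, the line should read `TO Issuer "${subject_name:9}" \\`. The script around the here-document is outside this hunk, so how the file is consumed cannot be confirmed from here.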
--- /dev/null
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----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+-----END RSA PRIVATE KEY-----
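Review bot: This new file adds an RSA private key to the tree with nothing in it saying that the key is a throwaway test fixture. Anyone with read access to the repository holds this key, so the matching certificate must never be placed in a trust store outside the test suite. Secret scanners will also flag the file. Assuming it is a fixture, a leading line before the PEM block such as `# TEST FIXTURE ONLY: this key is public, do not trust the matching certificate` would make that explicit, since PEM readers generally skip text outside the BEGIN/END markers.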
--- /dev/null
+[ca]\r
+default_ca = CA_default\r
+\r
+[CA_default]\r
+dir = $ENV::CA_DIR\r
+database = $dir/index.txt\r
+serial = $dir/serial.txt\r
+default_md = sha1\r
+\r
+certificate = $dir/$ENV::CATYPE.cert\r
+private_key = $dir/$ENV::CATYPE.priv\r
+\r
+policy = policy_any\r
+\r
+[policy_any]\r
+countryName = supplied\r
+stateOrProvinceName = optional\r
+localityName = optional\r
+organizationName = optional\r
+organizationalUnitName = optional\r
+commonName = supplied\r
+emailAddress = optional\r
+serialNumber = optional\r
+userId = optional\r
+\r
+[ ca_cert ]\r
+basicConstraints=CA:TRUE\r
+\r
+\r
+[ ca_server ]\r
+# This is OK for an SSL server.\r
+nsCertType = server\r
+nsComment = "OpenSSL Generated Server Certificate"\r
+\r
+# For an object signing certificate this would be used.\r
+# nsCertType = objsign\r
+\r
+[ ca_client ]\r
+# For normal client use this is typical\r
+nsCertType = client, email\r
+nsComment = "OpenSSL Generated Client Certificate"\r
+\r
+[ ca_clientserver ]\r
+# For normal client use this is typical\r
+nsCertType = server, client, email\r
+nsComment = "OpenSSL Generated Client Server Certificate"\r
+\r
+# and for everything including object signing:\r
+# nsCertType = client, email, objsign\r
+\r
+[ ca_fclient ]\r
+# This is typical in keyUsage for a client certificate.\r
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment\r
+\r
+# This will be displayed in Netscape's comment listbox.\r
+nsComment = "OpenSSL Generated Client Certificate with Flags"\r
+\r
+[ ca_none ]\r
+nsComment = "OpenSSL Generated Client Certificate with Flags"\r
+\r
+[ proxy_none ]\r
+keyUsage=critical,digitalSignature,keyEncipherment\r
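Review bot: `default_md = sha1` in `[CA_default]` gives every certificate signed through this config a SHA-1 signature. SHA-1 is no longer collision-resistant, and OpenSSL 3.0 and later refuse such signatures at security level 1 and above, so the generated test certificates may fail verification on current systems. `default_md = sha256` is the drop-in replacement. The `nsCertType`/`nsComment` entries in the `ca_*` sections are legacy Netscape extensions; if the tests are meant to constrain usage, `keyUsage`/`extendedKeyUsage` are what current verifiers read. The added lines also appear to end in CRLF (`\r`), unlike the configs added later in this commit, which is worth normalising.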
--- /dev/null
+[ca]\r
+default_ca = CA_default\r
+\r
+[CA_default]\r
+dir = $ENV::CA_DIR\r
+database = $dir/index_proxy.txt\r
+serial = $dir/serial_proxy.txt\r
+\r
+certificate = $dir/$ENV::CATYPE.cert\r
+private_key = $dir/$ENV::CATYPE.priv\r
+\r
+policy = policy_any\r
+\r
+[policy_any]\r
+countryName = supplied\r
+stateOrProvinceName = optional\r
+localityName = optional\r
+organizationName = optional\r
+organizationalUnitName = optional\r
+commonName = supplied\r
+emailAddress = optional\r
+\r
+[ ca_cert ]\r
+basicConstraints=CA:TRUE\r
+\r
+[ proxy_none ]\r
+\r
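Review bot: `[CA_default]` in this config has no `default_md`, although the sibling CA config sets one. `openssl ca` takes the digest either from that key or from `-md` on the command line, and the invoking command is not visible in this hunk. Adding `default_md = sha256` keeps the signature algorithm explicit and independent of the caller. If the empty `[ proxy_none ]` section is deliberate, a comment such as `# intentionally empty: proxy certificates are issued without extensions` would say so.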
--- /dev/null
+[ req ]\r
+default_bits = $ENV::BITS\r
+default_keyfile = keyfile.pem\r
+distinguished_name = req_distinguished_name\r
+attributes = req_attributes\r
+prompt = no\r
+output_password = $ENV::PASSWORD\r
+ca_cert = CA_cert\r
+\r
+[ req_distinguished_name ]\r
+countryName = UG\r
+\r
+#stateOrProvinceName = South area\r
+\r
+localityName = Tropic\r
+\r
+organizationName = Utopia\r
+\r
+organizationalUnitName = Relaxation\r
+\r
+commonName = $ENV::CN\r
+\r
+#emailAddress = Email Address\r
+\r
+[ req_attributes ]\r
+#challengePassword = $ENV::PASSWORD\r
+\r
+[ CA_cert ]\r
+basicConstraints = CA:true\r
+subjectKeyIdentifier=hash\r
+authorityKeyIdentifier=keyid:always,issuer:always\r
+\r
+[ proxy_none ]\r
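Review bot: `ca_cert = CA_cert` in `[ req ]` is, as far as I can tell, not a key that `openssl req` reads. That would mean the `[ CA_cert ]` extensions (`basicConstraints = CA:true` and the key identifiers) are applied only when the caller passes `-extensions CA_cert`, and the caller is not visible here. If the section is meant to apply to self-signed output by default, the key is `x509_extensions = CA_cert`. `output_password = $ENV::PASSWORD` takes the key passphrase from the process environment, so a comment such as `# PASSWORD is a throwaway passphrase set by the test harness` would record that no real secret is expected there. The same points apply to the two req configs added directly after this one.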
--- /dev/null
+[ req ]\r
+default_bits = $ENV::BITS\r
+default_keyfile = keyfile.pem\r
+distinguished_name = req_distinguished_name\r
+attributes = req_attributes\r
+prompt = no\r
+output_password = $ENV::PASSWORD\r
+ca_cert = CA_cert\r
+\r
+[ req_distinguished_name ]\r
+countryName = UG\r
+\r
+#stateOrProvinceName = South area\r
+\r
+localityName = Tropic\r
+\r
+organizationName = Utopia\r
+\r
+organizationalUnitName = Relaxation\r
+\r
+commonName = $ENV::CN\r
+\r
+#userId = testuserid\r
+\r
+#emailAddress = Email Address\r
+\r
+[ req_attributes ]\r
+#challengePassword = $ENV::PASSWORD\r
+\r
+[ CA_cert ]\r
+basicConstraints = CA:true\r
+subjectKeyIdentifier=hash\r
+authorityKeyIdentifier=keyid:always,issuer:always\r
+\r
+[ proxy_none ]\r
--- /dev/null
+[ req ]\r
+default_bits = $ENV::BITS\r
+default_keyfile = keyfile.pem\r
+distinguished_name = req_distinguished_name\r
+attributes = req_attributes\r
+prompt = no\r
+output_password = $ENV::PASSWORD\r
+ca_cert = CA_cert\r
+\r
+[ req_distinguished_name ]\r
+countryName = UG\r
+\r
+#stateOrProvinceName = South area\r
+\r
+localityName = Tropic\r
+\r
+organizationName = Utopia\r
+\r
+organizationalUnitName = Chillin\r
+\r
+commonName = $ENV::CN\r
+\r
+#emailAddress = test@home.org\r
+\r
+[ req_attributes ]\r
+#challengePassword = $ENV::PASSWORD\r
+\r
+[ CA_cert ]\r
+basicConstraints = CA:true\r
+subjectKeyIdentifier=hash\r
+authorityKeyIdentifier=keyid:always,issuer:always\r
+\r
+[ proxy_none ]\r
--- /dev/null
+[ca]
+default_ca = CA_default
+
+[CA_default]
+dir = $ENV::CA_DIR
+database = $dir/index.txt
+serial = $dir/serial.txt
+
+certificate = $dir/$ENV::CATYPE.cert
+private_key = $dir/$ENV::CATYPE.priv
+
+[ req ]
+
+default_bits = 1024
+default_keyfile = keyfile.pem
+distinguished_name = req_distinguished_name
+attributes = req_attributes
+prompt = no
+output_password = $ENV::PASSWORD
+# ca_cert = CA_cert
+
+[ req_distinguished_name ]
+
+countryName = UG
+
+#stateOrProvinceName = South area
+
+localityName = Tropic
+
+organizationName = Utopia
+
+organizationalUnitName = Relaxation
+
+0.commonName = $ENV::CN
+
+1.commonName = $ENV::PROXYNAME
+
+#emailAddress = Email Address
+
+[ req_attributes ]
+
+[ CA_cert]
+
+basicConstraints = CA:true
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always
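Review bot: `default_bits = 1024` hard-codes a 1024-bit RSA key, whereas the earlier req configs in this commit take the size from `$ENV::BITS`. Keys of that size are rejected by OpenSSL when it runs at security level 2 or higher, so credentials generated from this config may be refused on hardened systems; `default_bits = 2048` avoids that. The next config added in this commit, the one that also defines `2.commonName`, carries the same line. The header `[ CA_cert]` is spelled without the closing space used elsewhere (`[ CA_cert ]`), which is harmless but inconsistent.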
--- /dev/null
+[ req ]
+default_bits = 1024
+default_keyfile = keyfile.pem
+distinguished_name = req_distinguished_name
+attributes = req_attributes
+prompt = no
+output_password = $ENV::PASSWORD
+ca_cert = CA_cert
+
+[ req_distinguished_name ]
+countryName = UG
+
+#stateOrProvinceName = South area
+
+localityName = Tropic
+
+organizationName = Utopia
+
+organizationalUnitName = Relaxation
+
+0.commonName = $ENV::CN
+
+1.commonName = $ENV::PROXYNAME
+
+2.commonName = $ENV::PROXYNAME
+
+#emailAddress = Email Address
+
+[ req_attributes ]
+#challengePassword = $ENV::PASSWORD
+
+[ CA_cert]
+basicConstraints = CA:true
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always