summaryrefslogtreecommitdiffstats
path: root/ms/testss.bat
blob: d9463bf92ba3f0f7f8201ba7a34065c0c2a6f91b (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
echo=off

set ssleay=..\out\ssleay
set ssleay=%1

set reqcmd=%ssleay% req
set x509cmd=%ssleay% x509
set verifycmd=%ssleay% verify

set CAkey=keyCA.ss
set CAcert=certCA.ss
set CAserial=certCA.srl
set CAreq=reqCA.ss
set CAconf=..\test\CAss.cnf
set CAreq2=req2CA.ss	

set Uconf=..\test\Uss.cnf
set Ukey=keyU.ss
set Ureq=reqU.ss
set Ucert=certU.ss

echo make a certificate request using 'req'
%reqcmd% -config %CAconf% -out %CAreq% -keyout %CAkey% -new
if errorlevel 1 goto err_req

echo convert the certificate request into a self signed certificate using 'x509'
%x509cmd% -CAcreateserial -in %CAreq% -days 30 -req -out %CAcert% -signkey %CAkey% >err.ss
if errorlevel 1 goto err_x509

echo --
echo convert a certificate into a certificate request using 'x509'
%x509cmd% -in %CAcert% -x509toreq -signkey %CAkey% -out %CAreq2% >err.ss
if errorlevel 1 goto err_x509_2

%reqcmd% -verify -in %CAreq% -noout
if errorlevel 1 goto err_verify_1

%reqcmd% -verify -in %CAreq2% -noout
if errorlevel 1 goto err_verify_2

%verifycmd% -CAfile %CAcert% %CAcert%
if errorlevel 1 goto err_verify_3

echo --
echo make another certificate request using 'req'
%reqcmd% -config %Uconf% -out %Ureq% -keyout %Ukey% -new >err.ss
if errorlevel 1 goto err_req_gen

echo --
echo sign certificate request with the just created CA via 'x509'
%x509cmd% -CAcreateserial -in %Ureq% -days 30 -req -out %Ucert% -CA %CAcert% -CAkey %CAkey% -CAserial %CAserial%
if errorlevel 1 goto err_x509_sign

%verifycmd% -CAfile %CAcert% %Ucert%
echo --
echo Certificate details
%x509cmd% -subject -issuer -startdate -enddate -noout -in %Ucert%

echo Everything appeared to work
echo --
echo The generated CA certificate is %CAcert%
echo The generated CA private key is %CAkey%
echo The current CA signing serial number is in %CAserial%

echo The generated user certificate is %Ucert%
echo The generated user private key is %Ukey%
echo --

del err.ss

goto end

:err_req
echo error using 'req' to generate a certificate request
goto end
:err_x509
echo error using 'x509' to self sign a certificate request
goto end
:err_x509_2
echo error using 'x509' convert a certificate to a certificate request
goto end
:err_verify_1
echo first generated request is invalid
goto end
:err_verify_2
echo second generated request is invalid
goto end
:err_verify_3
echo first generated cert is invalid
goto end
:err_req_gen
echo error using 'req' to generate a certificate request
goto end
:err_x509_sign
echo error using 'x509' to sign a certificate request
goto end

:end