#!/bin/sh

BITS=1024
CONFIG=/usr/local/etc/socs.cnf

PATH=/usr/local/bin:${PATH}
export PATH

#
# Generating the Certificate Request
#

# Create server key

echo ""; echo "Creating server key"; echo ""

openssl genrsa -des3 -out server.key.pass -passout pass:1234 ${BITS} || exit

# Remove passphrase

echo ""; echo "Removing passphrase"; echo ""

openssl rsa -in server.key.pass -out server.key -passin pass:1234 || exit

# Generate certificate request

echo ""; echo "Generating certificate request"; echo ""

openssl req -config ${CONFIG} -new -days 3650 -key server.key -out csr.pem || exit

#
# Signing the Certificate
#

echo ""; echo "Signing the Certificate"; echo ""

openssl ca -config ${CONFIG} -days 3650 -extensions sign_ias_csr -out new.pem -in csr.pem || exit

#
# Generate a Public/Private key file
#

cp server.key cert.pem
openssl x509 -in new.pem >> cert.pem || exit

#
# Generate the PKCS12 file
# 
echo ""; echo "Generating PKCS12"; echo ""

openssl pkcs12 -name "Test Cert" -export -in cert.pem -out cert.p12 -CSP 'Microsoft RSA SChannel Cryptographic Provider' -LMK || exit