Makes it easier to test changes to DSA-related code. Signed-off-by: Steffan Karger <stef...@karger.me> --- sample/sample-keys/gen-sample-keys.sh | 16 ++++++++++++++++ 1 file changed, 16 insertions(+)
diff --git a/sample/sample-keys/gen-sample-keys.sh b/sample/sample-keys/gen-sample-keys.sh index 301cff28..920513a1 100755 --- a/sample/sample-keys/gen-sample-keys.sh +++ b/sample/sample-keys/gen-sample-keys.sh @@ -61,6 +61,22 @@ openssl ca -batch -config openssl.cnf \ openssl ca -config openssl.cnf -revoke sample-ca/client-revoked.crt openssl ca -config openssl.cnf -gencrl -out sample-ca/ca.crl +# Create DSA server and client cert (signed by 'regular' RSA CA) +openssl dsaparam -out sample-ca/dsaparams.pem 2048 + +openssl req -new -newkey dsa:sample-ca/dsaparams.pem -nodes -config openssl.cnf \ + -extensions server \ + -keyout sample-ca/server-dsa.key -out sample-ca/server-dsa.csr \ + -subj "/C=KG/ST=NA/O=OpenVPN-TEST/CN=Test-Server-DSA/emailAddress=me@myhost.mydomain" +openssl ca -batch -config openssl.cnf -extensions server \ + -out sample-ca/server-dsa.crt -in sample-ca/server-dsa.csr + +openssl req -new -newkey dsa:sample-ca/dsaparams.pem -nodes -config openssl.cnf \ + -keyout sample-ca/client-dsa.key -out sample-ca/client-dsa.csr \ + -subj "/C=KG/ST=NA/O=OpenVPN-TEST/CN=Test-Client-DSA/emailAddress=me@myhost.mydomain" +openssl ca -batch -config openssl.cnf \ + -out sample-ca/client-dsa.crt -in sample-ca/client-dsa.csr + # Create EC server and client cert (signed by 'regular' RSA CA) openssl ecparam -out sample-ca/secp256k1.pem -name secp256k1 -- 2.11.0 ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
