24 lines
898 B
Bash
24 lines
898 B
Bash
#!/bin/sh
|
|
# certs/create-ca.sh — Generate Root CA for Sawa Control Panel
|
|
|
|
# Exit on error
|
|
set -e
|
|
|
|
CERT_DIR=$(dirname "$0")
|
|
CA_KEY="$CERT_DIR/ca.key"
|
|
CA_CRT="$CERT_DIR/ca.crt"
|
|
|
|
echo "Step 1: Generating Root CA Private Key (4096-bit RSA)..."
|
|
openssl genrsa -out "$CA_KEY" 4096
|
|
|
|
echo "Step 2: Generating self-signed Root CA Certificate (valid for 10 years)..."
|
|
echo "Using Subject: /CN=Sawa Control Panel Root CA/O=Sawa/C=XX"
|
|
openssl req -x509 -new -nodes -key "$CA_KEY" -sha256 -days 3650 -out "$CA_CRT" -subj "/CN=Sawa Control Panel Root CA/O=Sawa/C=XX"
|
|
|
|
echo ""
|
|
echo "--------------------------------------------------------"
|
|
echo "ROOT CA SUCCESSFUL"
|
|
echo "--------------------------------------------------------"
|
|
echo "Generated $CA_KEY (Keep this extremely secure!)"
|
|
echo "Generated $CA_CRT (Distribute this to client devices)"
|
|
echo "--------------------------------------------------------"
|