[ceph.git] / ceph / src / seastar / tests / unit / mkcert.gmk

server  = $(shell hostname)
domain  = $(shell dnsdomainname)
name    = $(server)

country = SE
state   = Stockholm
locality= $(state)
org     = $(domain)
unit    = $(domain)
mail    = mx
common  = $(server).$(domain)
email   = postmaster@$(domain)
ckey    = ca$(key).pem

pubkey  = $(name).pub
prvkey  = $(name).key
width   = 4096

csr     = $(name).csr
crt     = $(name).crt

root    = ca$(name).pem
rootkey = ca$(name).key

config  = $(name).cfg
days    = 3650

alg 	= RSA
alg_opt = -pkeyopt rsa_keygen_bits:$(width)

hosts   =

all     	: $(crt)

clean		:
		@rm -f $(crt) $(csr) $(pubkey) $(prvkey)

%.key		: 
		@echo generating $@
		openssl genpkey -out $@ -algorithm $(alg) $(alg_opt)

%.pub  		: %.key
		@echo generating $@
		openssl pkey -in $< -out $@

$(config) 	: $(MAKEFILE_LIST)
		@echo generating $@
		@(										\
			echo [ req ]                                                    ;       \
			echo default_bits = $(width)                                    ;       \
			echo default_keyfile = $(prvkey)                                  ;       \
			echo default_md = sha256 ;	\
			echo distinguished_name = req_distinguished_name        	;       \
			echo req_extensions = v3_req                                    ;       \
			echo prompt = no                                                ;       \
			echo [ req_distinguished_name ]         			;       \
			echo C = $(country)     					;       \
			echo ST = $(state)      					;       \
			echo L = $(locality)            				;       \
			echo O = $(org)							;	\
			echo OU = $(unit)       					;       \
			echo CN= $(common)      					;       \
			echo emailAddress = $(email)            			;       \
			echo [v3_ca]            					;       \
			echo subjectKeyIdentifier=hash          			;       \
			echo authorityKeyIdentifier=keyid:always,issuer:always  	;       \
			echo basicConstraints = CA:true         			;       \
			echo [v3_req]           					;       \
			echo "# Extensions to add to a certificate request"       	;       \
			echo basicConstraints = CA:FALSE        			;       \
			echo keyUsage = nonRepudiation, digitalSignature, keyEncipherment ;     \
			$(if $(hosts), echo subjectAltName = @alt_names         	;)      \
			$(if $(hosts), echo [alt_names]         			;)      \
			$(if $(hosts), index=1; for host in $(hosts);   			\
		        	do echo DNS.$$index = $$host.$(domain);         		\
				index=$$(($$index + 1));done    ;)      			\
		) > $@

%.csr		: %.key $(config)
	        @echo generating $@
	        openssl req -new -key $< -out $@ -config $(config) 

%.crt  		: %.csr $(root) $(rootkey)
		@echo generating $@
		openssl x509 -req -in $< -CA $(root) -CAkey $(rootkey) -CAcreateserial 		\
			-out $@ -days $(days)

%.pem		: %.key $(config)
	        @echo generating $@
		openssl req -x509 -new -nodes -key $< -days $(days) -config $(config) 		\
			-out $@

.PRECIOUS	: %.pem %.key %.pub %.crt %.csr
Commit	Line	Data
11fdf7f2 TL	1	server = $(shell hostname)
	2	domain = $(shell dnsdomainname)
	3	name = $(server)
	4
	5	country = SE
	6	state = Stockholm
	7	locality= $(state)
	8	org = $(domain)
	9	unit = $(domain)
	10	mail = mx
	11	common = $(server).$(domain)
	12	email = postmaster@$(domain)
	13	ckey = ca$(key).pem
	14
	15	pubkey = $(name).pub
	16	prvkey = $(name).key
	17	width = 4096
	18
	19	csr = $(name).csr
	20	crt = $(name).crt
	21
	22	root = ca$(name).pem
	23	rootkey = ca$(name).key
	24
	25	config = $(name).cfg
	26	days = 3650
	27
f67539c2 TL	28	alg = RSA
	29	alg_opt = -pkeyopt rsa_keygen_bits:$(width)
	30
11fdf7f2 TL	31	hosts =
	32
	33	all : $(crt)
	34
	35	clean :
	36	@rm -f $(crt) $(csr) $(pubkey) $(prvkey)
	37
f67539c2	38	%.key :
11fdf7f2	39	@echo generating $@
f67539c2	40	openssl genpkey -out $@ -algorithm $(alg) $(alg_opt)
11fdf7f2 TL	41
	42	%.pub : %.key
	43	@echo generating $@
f67539c2	44	openssl pkey -in $< -out $@
11fdf7f2 TL	45
	46	$(config) : $(MAKEFILE_LIST)
	47	@echo generating $@
	48	@( \
11fdf7f2 TL	49	echo [ req ] ; \
	50	echo default_bits = $(width) ; \
	51	echo default_keyfile = $(prvkey) ; \
f67539c2	52	echo default_md = sha256 ; \
11fdf7f2 TL	53	echo distinguished_name = req_distinguished_name ; \
	54	echo req_extensions = v3_req ; \
	55	echo prompt = no ; \
	56	echo [ req_distinguished_name ] ; \
	57	echo C = $(country) ; \
	58	echo ST = $(state) ; \
	59	echo L = $(locality) ; \
	60	echo O = $(org) ; \
	61	echo OU = $(unit) ; \
	62	echo CN= $(common) ; \
	63	echo emailAddress = $(email) ; \
	64	echo [v3_ca] ; \
	65	echo subjectKeyIdentifier=hash ; \
	66	echo authorityKeyIdentifier=keyid:always,issuer:always ; \
	67	echo basicConstraints = CA:true ; \
	68	echo [v3_req] ; \
	69	echo "# Extensions to add to a certificate request" ; \
	70	echo basicConstraints = CA:FALSE ; \
	71	echo keyUsage = nonRepudiation, digitalSignature, keyEncipherment ; \
	72	$(if $(hosts), echo subjectAltName = @alt_names ;) \
	73	$(if $(hosts), echo [alt_names] ;) \
	74	$(if $(hosts), index=1; for host in $(hosts); \
	75	do echo DNS.$$index = $$host.$(domain); \
	76	index=$$(($$index + 1));done ;) \
	77	) > $@
	78
	79	%.csr : %.key $(config)
	80	@echo generating $@
	81	openssl req -new -key $< -out $@ -config $(config)
	82
	83	%.crt : %.csr $(root) $(rootkey)
	84	@echo generating $@
	85	openssl x509 -req -in $< -CA $(root) -CAkey $(rootkey) -CAcreateserial \
	86	-out $@ -days $(days)
	87
	88	%.pem : %.key $(config)
	89	@echo generating $@
	90	openssl req -x509 -new -nodes -key $< -days $(days) -config $(config) \
	91	-out $@
	92
	93	.PRECIOUS : %.pem %.key %.pub %.crt %.csr
	94