Comparison

certs/GNUmakefile @ 8592:bd4f8a2b72c7

Rename Makefile -> GNUmakefile to reflect dependency on GNU Make
author Kim Alvefur <zash@zash.se>
date Tue, 31 Oct 2017 17:28:23 +0100
parent 7715:certs/Makefile@08989f8464b9
comparison
equal deleted inserted replaced
8591:0c322389f994 8592:bd4f8a2b72c7
1 .DEFAULT: localhost.crt
2 keysize=2048
3
4 # How to:
5 # First, `make yourhost.cnf` which creates a openssl config file.
6 # Then edit this file and fill in the details you want it to have,
7 # and add or change hosts and components it should cover.
8 # Then `make yourhost.key` to create your private key, you can
9 # include keysize=number to change the size of the key.
10 # Then you can either `make yourhost.csr` to generate a certificate
11 # signing request that you can submit to a CA, or `make yourhost.crt`
12 # to generate a self signed certificate.
13
14 .PRECIOUS: %.cnf %.key
15
16 # To request a cert
17 %.csr: %.cnf %.key
18 openssl req -new -key $(lastword $^) \
19 -sha256 -utf8 -config $(firstword $^) -out $@
20
21 %.csr: %.cnf
22 umask 0077 && touch $*.key
23 openssl req -new -newkey rsa:$(keysize) -nodes -keyout $*.key \
24 -sha256 -utf8 -config $^ -out $@
25 @chmod 400 $*.key
26
27 %.csr: %.key
28 openssl req -new -key $^ -utf8 -subj /CN=$* -out $@
29
30 %.csr:
31 umask 0077 && touch $*.key
32 openssl req -new -newkey rsa:$(keysize) -nodes -keyout $*.key \
33 -utf8 -subj /CN=$* -out $@
34 @chmod 400 $*.key
35
36 # Self signed
37 %.crt: %.cnf %.key
38 openssl req -new -x509 -key $(lastword $^) -days 365 -sha256 -utf8 \
39 -config $(firstword $^) -out $@
40
41 %.crt: %.cnf
42 umask 0077 && touch $*.key
43 openssl req -new -x509 -newkey rsa:$(keysize) -nodes -keyout $*.key \
44 -days 365 -sha256 -utf8 -config $(firstword $^) -out $@
45 @chmod 400 $*.key
46
47 %.crt: %.key
48 openssl req -new -x509 -key $^ -days 365 -sha256 -utf8 -subj /CN=$* -out $@
49
50 %.crt:
51 umask 0077 && touch $*.key
52 openssl req -new -x509 -newkey rsa:$(keysize) -nodes -keyout $*.key \
53 -days 365 -sha256 -out $@ -utf8 -subj /CN=$*
54 @chmod 400 $*.key
55
56 # Generate a config from the example
57 %.cnf:
58 sed 's,example\.com,$*,g' openssl.cnf > $@
59
60 %.key:
61 umask 0077 && openssl genrsa -out $@ $(keysize)
62 @chmod 400 $@
63
64 # Generate Diffie-Hellman parameters
65 dh-%.pem:
66 openssl dhparam -out $@ $*