Update: add AIA URL support in make_ca and make_cert functions
All checks were successful
/ test (push) Successful in 13s
All checks were successful
/ test (push) Successful in 13s
This commit is contained in:
20
README.md
20
README.md
@@ -4,6 +4,8 @@
|
||||
|
||||
`simple-ca.sh` is a Bash script that provides functions for creating and managing a simple Certificate Authority (CA) and generating certificates. It can create a single or two-level CA hierarchy, and generate client-server TLS certificates. The script is designed to be simple and easy to use, making it suitable for testing and development purposes, where a self-signed certificate is not sufficient.
|
||||
|
||||
All certificates generated by this script have a random serial number.
|
||||
|
||||
## Functions
|
||||
|
||||
### `make_ca()`
|
||||
@@ -16,8 +18,8 @@ Usage:
|
||||
make_ca [--days <validity_days>] [--issuing-ca <name>] <ca_directory> <ca_name>
|
||||
```
|
||||
|
||||
- `ca_directory`: The directory where the CA files will be stored.
|
||||
- `ca_name`: The name of the CA.
|
||||
- `<ca_directory>`: The directory where the CA files will be stored.
|
||||
- `<ca_name>`: The name of the CA.
|
||||
- `--days <validity_days>`: Optional. The number of days the CA certificate will be valid. Default is 3650 days (10 years).
|
||||
- `--issuing-ca <name>`: Optional. If specified, creates an intermediate CA with <ca_name> as the intermediate CA name and using <name> as certificate and key file prefix for the issuing CA (instead of root's `ca`).
|
||||
|
||||
@@ -33,9 +35,9 @@ Usage:
|
||||
make_cert --ca-dir <ca_directory> [--days <validity_days>] [--issuing-ca <name>] <cert_directory> <subject_name>
|
||||
```
|
||||
|
||||
- `ca_directory`: The directory where the CA files are stored (used to find the CA certificate and key for signing).
|
||||
- `cert_directory`: The directory where the generated certificate and key will be stored.
|
||||
- `subject_name`: The subject name (Common Name) for the certificate.
|
||||
- `<ca_directory>`: The directory where the CA files are stored (used to find the CA certificate and key for signing).
|
||||
- `<cert_directory>`: The directory where the generated certificate and key will be stored.
|
||||
- `<subject_name>`: The subject name (Common Name) for the certificate.
|
||||
- `--days <validity_days>`: Optional. The number of days the certificate will be valid. Default is 365 days.
|
||||
- `--issuing-ca <name>`: Optional. If specified, uses the CA with the key `<name>_key.pem` and certificate `<name>_cert.pem` for signing instead of the root CA.
|
||||
|
||||
@@ -49,7 +51,7 @@ Usage:
|
||||
make_pfx --ca-dir <ca_directory> [--issuing-ca <file_prefix>] --path <pfx_file_path> [--password <pfx_password>]
|
||||
```
|
||||
|
||||
- `ca_directory`: The directory where the CA files are stored (used to find the CA certificate for the chain).
|
||||
- `<file_prefix>`: The file prefix of the issuing CA to include in the chain.
|
||||
- `<pfx_file_path>`: The path where the generated PFX file will be saved.
|
||||
- `<pfx_password>`: Optional. The custom password to protect the PFX, instead of the default `changeit`.
|
||||
- `--ca-dir <ca_directory>`: The directory where the CA files are stored (used to find the CA certificate for the chain).
|
||||
- `--issuing-ca <file_prefix>`: The file prefix of the issuing CA to include in the chain.
|
||||
- `--path <pfx_file_path>`: The path where the generated PFX file will be saved.
|
||||
- `--password <pfx_password>`: Optional. The custom password to protect the PFX, instead of the default `changeit`.
|
||||
|
||||
Reference in New Issue
Block a user