1@echo off 2 3rem set ssleay=..\out\ssleay 4set ssleay=%1 5 6set reqcmd=%ssleay% req 7set x509cmd=%ssleay% x509 -sha1 8set verifycmd=%ssleay% verify 9 10set CAkey=keyCA.ss 11set CAcert=certCA.ss 12set CAserial=certCA.srl 13set CAreq=reqCA.ss 14set CAconf=..\test\CAss.cnf 15set CAreq2=req2CA.ss 16 17set Uconf=..\test\Uss.cnf 18set Ukey=keyU.ss 19set Ureq=reqU.ss 20set Ucert=certU.ss 21 22echo make a certificate request using 'req' 23%reqcmd% -config %CAconf% -out %CAreq% -keyout %CAkey% -new 24if errorlevel 1 goto e_req 25 26echo convert the certificate request into a self signed certificate using 'x509' 27%x509cmd% -CAcreateserial -in %CAreq% -days 30 -req -out %CAcert% -signkey %CAkey% >err.ss 28if errorlevel 1 goto e_x509 29 30echo -- 31echo convert a certificate into a certificate request using 'x509' 32%x509cmd% -in %CAcert% -x509toreq -signkey %CAkey% -out %CAreq2% >err.ss 33if errorlevel 1 goto e_x509_2 34 35%reqcmd% -verify -in %CAreq% -noout 36if errorlevel 1 goto e_vrfy_1 37 38%reqcmd% -verify -in %CAreq2% -noout 39if errorlevel 1 goto e_vrfy_2 40 41%verifycmd% -CAfile %CAcert% %CAcert% 42if errorlevel 1 goto e_vrfy_3 43 44echo -- 45echo make another certificate request using 'req' 46%reqcmd% -config %Uconf% -out %Ureq% -keyout %Ukey% -new >err.ss 47if errorlevel 1 goto e_req_gen 48 49echo -- 50echo sign certificate request with the just created CA via 'x509' 51%x509cmd% -CAcreateserial -in %Ureq% -days 30 -req -out %Ucert% -CA %CAcert% -CAkey %CAkey% -CAserial %CAserial% 52if errorlevel 1 goto e_x_sign 53 54%verifycmd% -CAfile %CAcert% %Ucert% 55echo -- 56echo Certificate details 57%x509cmd% -subject -issuer -startdate -enddate -noout -in %Ucert% 58 59echo Everything appeared to work 60echo -- 61echo The generated CA certificate is %CAcert% 62echo The generated CA private key is %CAkey% 63echo The current CA signing serial number is in %CAserial% 64 65echo The generated user certificate is %Ucert% 66echo The generated user private key is %Ukey% 67echo -- 68 69del err.ss 70 71goto end 72 73:e_req 74echo error using 'req' to generate a certificate request 75goto end 76:e_x509 77echo error using 'x509' to self sign a certificate request 78goto end 79:e_x509_2 80echo error using 'x509' convert a certificate to a certificate request 81goto end 82:e_vrfy_1 83echo first generated request is invalid 84goto end 85:e_vrfy_2 86echo second generated request is invalid 87goto end 88:e_vrfy_3 89echo first generated cert is invalid 90goto end 91:e_req_gen 92echo error using 'req' to generate a certificate request 93goto end 94:e_x_sign 95echo error using 'x509' to sign a certificate request 96goto end 97 98:end 99