1rem set ssleay=..\out\ssleay 2set ssleay=%1 3 4set reqcmd=%ssleay% req 5set x509cmd=%ssleay% x509 6set verifycmd=%ssleay% verify 7 8set CAkey=\OpenSSL\keyCA.ss 9set CAcert=\OpenSSL\certCA.ss 10set CAserial=\OpenSSL\certCA.srl 11set CAreq=\OpenSSL\reqCA.ss 12cecopy ..\test\CAss.cnf CE:\OpenSSL 13set CAconf=\OpenSSL\CAss.cnf 14set CAreq2=\OpenSSL\req2CA.ss 15 16cecopy ..\test\Uss.cnf CE:\OpenSSL 17set Uconf=\OpenSSL\Uss.cnf 18set Ukey=\OpenSSL\keyU.ss 19set Ureq=\OpenSSL\reqU.ss 20set Ucert=\OpenSSL\certU.ss 21 22echo make a certificate request using 'req' 23cerun CE:\OpenSSL\%reqcmd% -config %CAconf% -out %CAreq% -keyout %CAkey% -new 24if errorlevel 1 goto e_req 25 26echo convert the certificate request into a self signed certificate using 'x509' 27cerun CE:\OpenSSL\%x509cmd% -CAcreateserial -in %CAreq% -days 30 -req -out %CAcert% -signkey %CAkey% "> \OpenSSL\err.ss" 28if errorlevel 1 goto e_x509 29 30echo -- 31echo convert a certificate into a certificate request using 'x509' 32cerun CE:\OpenSSL\%x509cmd% -in %CAcert% -x509toreq -signkey %CAkey% -out %CAreq2% "> \OpenSSL\err.ss" 33if errorlevel 1 goto e_x509_2 34 35cerun CE:\OpenSSL\%reqcmd% -verify -in %CAreq% -noout 36if errorlevel 1 goto e_vrfy_1 37 38cerun CE:\OpenSSL\%reqcmd% -verify -in %CAreq2% -noout 39if errorlevel 1 goto e_vrfy_2 40 41cerun CE:\OpenSSL\%verifycmd% -CAfile %CAcert% %CAcert% 42if errorlevel 1 goto e_vrfy_3 43 44echo -- 45echo make another certificate request using 'req' 46cerun CE:\OpenSSL\%reqcmd% -config %Uconf% -out %Ureq% -keyout %Ukey% -new "> \OpenSSL\err.ss" 47if errorlevel 1 goto e_req_gen 48 49echo -- 50echo sign certificate request with the just created CA via 'x509' 51cerun CE:\OpenSSL\%x509cmd% -CAcreateserial -in %Ureq% -days 30 -req -out %Ucert% -CA %CAcert% -CAkey %CAkey% -CAserial %CAserial% 52if errorlevel 1 goto e_x_sign 53 54cerun CE:\OpenSSL\%verifycmd% -CAfile %CAcert% %Ucert% 55echo -- 56echo Certificate details 57cerun CE:\OpenSSL\%x509cmd% -subject -issuer -startdate -enddate -noout -in %Ucert% 58 59cecopy CE:%CAcert% . 60cecopy CE:%CAkey% . 61cecopy CE:%CAserial% . 62cecopy CE:%Ucert% . 63cecopy CE:%Ukey% . 64 65echo Everything appeared to work 66echo -- 67echo The generated CA certificate is %CAcert% 68echo The generated CA private key is %CAkey% 69echo The current CA signing serial number is in %CAserial% 70 71echo The generated user certificate is %Ucert% 72echo The generated user private key is %Ukey% 73echo -- 74 75cedel CE:\OpenSSL\err.ss 76 77goto end 78 79:e_req 80echo error using 'req' to generate a certificate request 81goto end 82:e_x509 83echo error using 'x509' to self sign a certificate request 84goto end 85:e_x509_2 86echo error using 'x509' convert a certificate to a certificate request 87goto end 88:e_vrfy_1 89echo first generated request is invalid 90goto end 91:e_vrfy_2 92echo second generated request is invalid 93goto end 94:e_vrfy_3 95echo first generated cert is invalid 96goto end 97:e_req_gen 98echo error using 'req' to generate a certificate request 99goto end 100:e_x_sign 101echo error using 'x509' to sign a certificate request 102goto end 103 104:end 105