Commit 69596be6 authored by Leigh Stoller's avatar Leigh Stoller

Add certificate for jabberd.

parent 41237175
......@@ -14,7 +14,7 @@ include $(OBJDIR)/Makeconf
all: emulab.pem server.pem localnode.pem ronnode.pem pcwa.pem ctrlnode.pem \
capture.pem capture.fingerprint capture.sha1fingerprint \
keys mksig
keys mksig jabber.pem
remote-site: emulab.pem capture.pem capture.fingerprint server.pem \
localnode.pem capture.sha1fingerprint apache.pem apache-ops.pem \
......@@ -146,6 +146,29 @@ capture.pem: dirsmade capture.cnf ca.cnf
cat capture_key.pem capture_cert.pem > capture.pem
rm -f newreq.pem
jabber.pem: dirsmade jabber.cnf ca.cnf
#
# Create the server side private key and certificate request.
#
openssl req -new -config jabber.cnf \
-keyout jabber_key.pem -out jabber_req.pem
#
# Combine key and cert request.
#
cat jabber_key.pem jabber_req.pem > newreq.pem
#
# Sign the server cert request, creating a server certificate.
#
openssl ca -batch -policy policy_sslxmlrpc -config ca.cnf \
-out jabber_cert.pem \
-cert cacert.pem -keyfile cakey.pem \
-infiles newreq.pem
#
# Combine the key and the certificate into one file which is installed
# on boss and used by tmcd.
#
cat jabber_key.pem jabber_cert.pem > jabber.pem
rm -f newreq.pem
#
# Generate the fingerprint of the capture certificate
......
[ req ]
prompt = no
default_bits = 1024
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
attributes = req_attributes
x509_extensions = v3_ca # The extentions to add to the self signed cert
encrypt_key = no
string_mask = nombstr
[ req_distinguished_name ]
C = @SSLCERT_COUNTRY@
ST = @SSLCERT_STATE@
L = @SSLCERT_LOCALITY@
O = @SSLCERT_ORGNAME@
OU = Jabber
CN = @USERNODE@
emailAddress = @TBOPSEMAIL@
[ req_attributes ]
[ v3_ca ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
basicConstraints = CA:true
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment