-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathMakefile.sub
More file actions
47 lines (32 loc) · 1.14 KB
/
Makefile.sub
File metadata and controls
47 lines (32 loc) · 1.14 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
# Generate a set of keys and certificate signing requests using the same
# parameters so that keys can be pinned in advance.
#
# © 2017 Luis E. Muñoz -- All Rights Reserved
# Parameters -- Point this to GnuTLS's certtool
GNUTLS?=/usr/bin/certtool
# GNUTLS?=/usr/local/bin/gnutls-certtool
# One suffix per key set
SUFFIX=0 1 2 3
all: $(foreach c,$(SUFFIX),cert-$(c).csr)
clean:
$(RM) *.csr *.key *.pub
# How to generate key pairs and CSRs using Makefile rules
%.csr: %.key template.conf
$(GNUTLS) --generate-request --load-privkey $< --template template.conf --outfile $@
%.key:
$(GNUTLS) --generate-privkey --outfile $@
$(GNUTLS) --load-privkey $@ --pubkey-info --outfile $(basename $@).pub
%.pub: %.key
$(GNUTLS) --load-privkey $< --pubkey-info --outfile $@
show-domains: BUCKET := $(shell basename $(shell pwd))
show-domains: cert-0.csr
@$(GNUTLS) --crq-info < $< \
| grep --perl-regexp '^\s+(DNSname|Subject): ' \
| sed -e 's/^.*CN=//' \
-e 's/^.*DNSname: //' \
-e 's/,.*$$//' \
-e 's/^/$(BUCKET),/' \
| sort \
| uniq
# Do not remove the key files automatically
.SECONDARY: $(foreach c,$(SUFFIX),cert-$(c).key)