#**********************************************************************#
#*                                                                    *#
#* Copyright (c) 2001 by Sun Microsystems, Inc.                       *#
#* All rights reserved.                                               *#
#*                                                                    *#
#**********************************************************************#

# Get the hostname to use as the common name (CN) of the server certificate
hostname=`hostname`

# Create the password file
echo certdb > certdb

# Create the certificate database
if [ -d cert_db ]
then
    rm -r cert_db
fi
mkdir cert_db
echo
echo "*** Enter new password: certdb ***"
echo
certutil -N -d cert_db

# Create the Root Certificate Authority (CA) certificate (self signed)
certutil -S -n "My Root CA" -s "CN=root.com,O=MyCo,ST=California,C=US" -x -t "CTu,CTu,CTu" -d cert_db -f certdb -z cert_db/cert7.db

# Create the server cerificate (signed by My Root CA)
certutil -S -n "server" -s "CN=$hostname,O=MyCo,ST=California,C=US" -c "My Root CA" -t "u,u,u" -d cert_db -f certdb -z cert_db/cert7.db

# Create the client certificate (signed by My Root CA)
certutil -S -n "client" -s "CN=client,O=MyCo,ST=California,C=US" -c "My Root CA" -t "u,u,u" -d cert_db -f certdb -z cert_db/cert7.db

# Validate the certificates
certutil -V -u C -n "My Root CA" -d cert_db -f certdb
certutil -V -u C -n "client" -d cert_db -f certdb
certutil -V -u V -n "server" -d cert_db -f certdb
