#!/bin/sh

openssl genrsa -out root-ca.key 1024
openssl req -new -x509 -days 3650 -key root-ca.key -out root-ca.crt -config ../openssl.cnf -batch -subj "/C=US/ST=Wisconsin/L=Madison/O=CHTC/O=TEST/CN=CA"

perl ../mk_new_ca_dir.pl CondorSigningCA1
mv root-ca.crt CondorSigningCA1/signing-ca-1.crt
mv root-ca.key CondorSigningCA1/signing-ca-1.key

mkdir certificates
N=`openssl x509 -hash -in CondorSigningCA1/signing-ca-1.crt -noout`
echo N is $N
cp ../signing_policy certificates/$N.signing_policy
cp CondorSigningCA1/signing-ca-1.crt certificates/$N.0

openssl req -newkey rsa:1024 -keyout cert.key -nodes -config ../openssl.cnf -out cert.req -batch -subj "/C=US/ST=Wisconsin/L=Madison/O=CHTC/O=TEST/CN=CERT"
openssl ca -config ../openssl.cnf -out cert.crt -in cert.req -batch

