diff options
Diffstat (limited to 'demos/certs/README.txt')
-rw-r--r-- | demos/certs/README.txt | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/demos/certs/README.txt b/demos/certs/README.txt new file mode 100644 index 0000000000..88cf56b1f8 --- /dev/null +++ b/demos/certs/README.txt @@ -0,0 +1,18 @@ +There is often a need to generate test certificates automatically using +a script. This is often a cause for confusion which can result in incorrect +CA certificates, obsolete V1 certificates or duplicate serial numbers. +The range of command line options can be daunting for a beginner. + +The mkcerts.sh script is an example of how to generate certificates +automatically using scripts. Example creates a root CA, an intermediate CA +signed by the root and several certificates signed by the intermediate CA. + +The script then creates an empty index.txt file and adds entries for the +certificates and generates a CRL. Then one certificate is revoked and a +second CRL generated. + +The script ocsprun.sh runs the test responder on port 8888 covering the +client certificates. + +The script ocspquery.sh queries the status of the certificates using the +test responder. |