@@ -18,7 +18,7 @@ if [ ! -e "${DEMOCA}/cacert.pem" ]; then
1818 ossl ' req -batch -noenc -x509 -new -key ${PRIURI} -out ${DEMOCA}/cacert.pem'
1919fi
2020
21- title PARA " Generating a new CSR"
21+ title PARA " Generating a new CSR with key in file "
2222ossl '
2323req -batch -noenc -newkey rsa:2048
2424 -subj "/CN=testing-csr-signing/O=PKCS11 Provider/C=US"
@@ -28,6 +28,39 @@ title PARA "Signing the new certificate"
2828ossl '
2929ca -batch -in ${DEMOCA}/cert.csr -keyfile ${PRIURI} -out ${DEMOCA}/cert.pem'
3030
31+ title PARA " Generating a new CSR with existing RSA key in token"
32+ ossl '
33+ req -batch -noenc -new -key ${PRIURI}
34+ -subj "/CN=testing-rsa-signing/O=PKCS11 Provider/C=US"
35+ -out ${DEMOCA}/cert-rsa.csr'
36+
37+ title PARA " Signing the new RSA key certificate"
38+ ossl '
39+ ca -batch -in ${DEMOCA}/cert-rsa.csr -keyfile ${PRIURI} -out ${DEMOCA}/cert.pem'
40+
41+ title PARA " Generating a new CSR with existing EC key in token"
42+ ossl '
43+ req -batch -noenc -new -key ${ECPRIURI}
44+ -subj "/CN=testing-ec-signing/O=PKCS11 Provider/C=US"
45+ -out ${DEMOCA}/cert-ec.csr'
46+
47+ title PARA " Signing the new EC key certificate"
48+ ossl '
49+ ca -batch -in ${DEMOCA}/cert-ec.csr -keyfile ${PRIURI} -out ${DEMOCA}/cert.pem'
50+
51+
52+ if [[ -n $EDPRIURI ]]; then
53+ title PARA " Generating a new CSR with existing ED key in token"
54+ ossl '
55+ req -batch -noenc -new -key ${EDPRIURI}
56+ -subj "/CN=testing-ed-signing/O=PKCS11 Provider/C=US"
57+ -out ${DEMOCA}/cert-ed.csr'
58+
59+ title PARA " Signing the new ED key certificate"
60+ ossl '
61+ ca -batch -in ${DEMOCA}/cert-ed.csr -keyfile ${PRIURI} -out ${DEMOCA}/cert.pem'
62+ fi
63+
3164title PARA " Set up OCSP"
3265ossl '
3366req -batch -noenc -new -subj "/CN=OCSP/O=PKCS11 Provider/C=US"
0 commit comments