#!/bin/sh # echo "WARNING: do not use this script on Debian" echo "with Openssl ver. 0.9.8c-1" echo "and later versions till 0.9.8c-4etch3." echo "...its vulnerability was published on 13 May 2008." echo "." echo "Ak toto spustate na Debiane so starsim Openssl (vid vyssie)," echo "generovanie privatneho kluca nie je nahodne a dal by sa lahko desifrovat." echo "Preto radsej pouzite iny sposob vygenerovania ziadosti." echo " " # reqf=usercert_request.pem cat <<-EOT >out$$ # # SlovakGrid CA configuration for user certificate requests # [ req ] default_bits = 2048 default_keyfile = userkey.pem default_md = sha256 distinguished_name = req_distinguished_name [ req_distinguished_name ] countryName = SK (do not modify) countryName_default = SK 0.organizationName = SlovakGrid (do not modify) 0.organizationName_default = SlovakGrid 1.organizationName = Organization Name (e.g. FMPhI) 1.organizationName_default = commonName = Name (e.g., John M. Smith) commonName_max = 64 EOT openssl req -out $reqf -newkey rsa:2048 -config out$$ chmod 600 userkey.pem echo openssl req -in $reqf -text|head echo ... echo "Save your userkey.pem file." echo "Sign the file $reqf by your old personnal certificate" echo "and send it to ca.uiATsavba.sk," echo "or bring the file $reqf on diskette/CD/DVD to the nearest" echo "RA (sitting in Bratislava, Trnava, Zilina, B.Bystrica, Kosice)." echo "Or bring the sha256 hash of the file $reqf written in" echo "a paper/form to the nearest RA and send the file $reqf to" echo "ca.uiATsavba.sk" echo "." echo "Dobre uschovajte subor userkey.pem." echo "Podpiste subor $reqf Vasim starym este platnym osobnym" echo "certifikatom a poslite na ca.uiATsavba.sk," echo "alebo prineste subor $reqf osobne na diskete/CD/DVD do" echo "najblizsej RA (Bratislava, Trnava, Zilina, B.Bystrica alebo Kosice)." echo "Alebo prineste sha256 hash suboru $reqf napisany na" echo "papier/do formulara do najblizsej RA a poslite subor" echo "$reqf na ca.uiATsavba.sk a ten hash je nasledovny:" sha256sum $reqf rm out$$