75 lines
3.2 KiB
Bash
Executable File
75 lines
3.2 KiB
Bash
Executable File
#!/bin/sh
|
|
|
|
CA_FILE=$(realpath "./server/ca.crt")
|
|
CA_KEY=$(realpath "./server/ca.key")
|
|
SRL_FILE=$(realpath "./server/ca.srl")
|
|
CSR_FILE=$(realpath "./server/server.csr")
|
|
SSL_FILE=$(realpath "./server/server.crt")
|
|
SSL_KEY=$(realpath "./server/server.key")
|
|
|
|
superuserCommand="pkexec"
|
|
if [ -z "$(command -v pkexec)" ]; then
|
|
superuserCommand="sudo"
|
|
fi
|
|
|
|
if [ "$1" = "-u" ] || [ "$1" = "--uninstall" ]; then
|
|
echo "Uninstalling the certificate..."
|
|
if [ -z "$(command -v p11-kit)" ]; then
|
|
$superuserCommand sh -c "rm /usr/local/share/ca-certificates/$CA_FILE && update-ca-certificates"
|
|
else
|
|
$superuserCommand sh -c "trust anchor --remove $CA_FILE"
|
|
fi
|
|
rm "$CA_FILE" "$CA_KEY" "$CSR_FILE" "$SSL_FILE" "$SSL_KEY" "$SRL_FILE"
|
|
echo "Good, you've uninstalled the certificate."
|
|
|
|
exit 0
|
|
fi
|
|
|
|
if ! [ -f "$CA_FILE" ] || ! [ -f "$CA_KEY" ] || ! [ -f "$CSR_FILE" ] || ! [ -f "$SSL_FILE" ] || ! [ -f "$SSL_KEY" ]; then
|
|
echo "Warning! This will add a certificate to your system's trust store."
|
|
echo "If this self-signed certificate is ever leaked, attackers can use it to cause damage."
|
|
echo "Please only run this script if you understand the risks and trust the source of the certificate."
|
|
echo "We take no responsibility for any damage caused by the use of this certificate... though that's said in the LICENSE."
|
|
echo "Do you want to continue? (yes/no)"
|
|
read -r answer
|
|
if [ "$answer" != "yes" ]; then
|
|
echo "Aborting."
|
|
exit 1
|
|
fi
|
|
echo "Well, you said it, not me."
|
|
COUNTRY="GB"
|
|
STATE="London"
|
|
LOCALITY="London"
|
|
ORGANIZATION="Totally Real Company Inc."
|
|
ORGANIZATIONAL_UNIT="Testing Department"
|
|
COMMON_NAME="localhost"
|
|
openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
|
|
-keyout "$CA_KEY" -out "$CA_FILE" \
|
|
-subj "/C=$COUNTRY/ST=$STATE/L=$LOCALITY/O=$ORGANIZATION/OU=$ORGANIZATIONAL_UNIT/CN=$COMMON_NAME"
|
|
openssl req -nodes -newkey rsa:2048 \
|
|
-keyout "$SSL_KEY" -out "$CSR_FILE" \
|
|
-subj "/C=$COUNTRY/ST=$STATE/L=$LOCALITY/O=$ORGANIZATION/OU=$ORGANIZATIONAL_UNIT/CN=$COMMON_NAME"
|
|
printf "subjectAltName = DNS:%s\nauthorityKeyIdentifier = keyid,issuer\nbasicConstraints = CA:FALSE\nkeyUsage = digitalSignature, keyEncipherment\nextendedKeyUsage=serverAuth" $COMMON_NAME > /tmp/extfile.cnf
|
|
openssl x509 -req -in "$CSR_FILE" -CA "$CA_FILE" -CAkey "$CA_KEY" -CAcreateserial -out "$SSL_FILE" -days 365 \
|
|
-extfile /tmp/extfile.cnf
|
|
echo "Self-signed certificate and key have been generated:"
|
|
echo "Trusting the certificate... (you may be prompted for your password)".
|
|
if [ -z "$(command -v p11-kit)" ]; then
|
|
$superuserCommand sh -c "cp $CA_FILE /usr/local/share/ca-certificates/$CA_FILE && update-ca-certificates"
|
|
else
|
|
$superuserCommand sh -c "trust anchor $CA_FILE"
|
|
fi
|
|
echo "Deleting temporary files..."
|
|
rm /tmp/extfile.cnf
|
|
fi
|
|
|
|
echo "Building the server and client..."
|
|
go build -o server/server server/main.go
|
|
GOOS=js GOARCH=wasm go build -o client/main.wasm client/main.go
|
|
echo "Launching the client in your default browser..."
|
|
xdg-open "https://localhost:8080"
|
|
echo "Launching the server..."
|
|
cd server || exit 1
|
|
echo "Server started. Press Ctrl+C to stop."
|
|
./server
|
|
echo "Alright, the server has stopped. If you want to remove the self-signed certificate, run ./test.sh --uninstall." |