2 # Copyright 2020 Huawei Technologies Co., Ltd.
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at
8 # http://www.apache.org/licenses/LICENSE-2.0
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
# Reset the scratch directory that every openssl task below uses as its working directory.
# NOTE(review): /tmp/.mep_tmp_cer is a fixed, predictable path under shared /tmp and it ends up
# holding private keys. Nothing visible here sets a restrictive mode or owner on it, and
# `mkdir -p` also succeeds when the directory already exists, so a directory created by
# another local user between the rm and the mkdir would be reused as-is. Consider creating it
# with mode 0700 (file module) or using the tempfile module; confirm how later tasks consume
# this path before changing it.
19 - name: Remove old dir
20 command: rm -rf /tmp/.mep_tmp_cer
# (the listing skips from line 20 to line 25; the lines in between are not shown on this page)
25 command: mkdir -p /tmp/.mep_tmp_cer
# CA material: a 2048-bit RSA key (ca.key), a CSR for it (ca.csr), and a certificate
# self-signed with that same key via -signkey (ca.crt), valid for 365 days.
# NOTE(review): ca.key is written without a passphrase and stays in the scratch directory;
# no cleanup is visible in this listing, so confirm it is removed or protected afterwards.
29 - name: Openssl genrsa
30 command: openssl genrsa -out ca.key 2048
32 chdir: /tmp/.mep_tmp_cer/
35 # yamllint disable rule:line-length
36 command: openssl req -new -key ca.key -subj /C=CN/ST=Peking/L=Beijing/O=edgegallery/CN=edgegallery -out ca.csr
# NOTE(review): the directive below repeats "disable"; if it is meant to end the exemption
# it should read `# yamllint enable rule:line-length`.
37 # yamllint disable rule:line-length
39 chdir: /tmp/.mep_tmp_cer/
# NOTE(review): the task name below presumably means "Sign"; the command self-signs with
# ca.key and produces ca.crt rather than consuming one.
# NOTE(review): no -extfile is passed, so `-extensions v3_ca` likely has no section to read
# and the certificate may lack CA basicConstraints/keyUsage; check with `openssl x509 -text`.
41 - name: Sing key with ca key and ca crt
42 command: openssl x509 -req -days 365 -in ca.csr -extensions v3_ca -signkey ca.key -out ca.crt
44 chdir: /tmp/.mep_tmp_cer/
# Server TLS material: a 2048-bit RSA key, an AES-256 passphrase-protected copy of it,
# a CSR, and a certificate signed by the CA key/cert generated above.
# NOTE(review): the unencrypted server_tls.key remains next to server_encryptedtls.key;
# no removal is visible in this listing, so confirm the plaintext key is deleted once used.
46 - name: Openssl genrsa
47 command: openssl genrsa -out server_tls.key 2048
49 chdir: /tmp/.mep_tmp_cer/
# NOTE(review): `-passout pass:...` places the passphrase on the openssl command line, where
# it is visible in the process list and, unless no_log is set (not visible here), in Ansible
# output and logs. Prefer `-passout env:VAR` with the task's `environment:` keyword, or
# `-passout file:...`, together with `no_log: true`.
# NOTE(review): the templated value is unquoted; a passphrase containing whitespace would
# presumably be split into separate arguments. Confirm the allowed character set.
51 - name: Openssl rsa mep tls
52 command: openssl rsa -in server_tls.key -aes256 -passout pass:{{ vardata.certspass.name}} -out server_encryptedtls.key
54 chdir: /tmp/.mep_tmp_cer/
56 - name: Openssl req new key mepserver tls key
57 # yamllint disable rule:line-length
58 command: openssl req -new -key server_tls.key -subj /C=CN/ST=Beijing/L=Beijing/O=edgegallery/CN=edgegallery -out server_tls.csr
# NOTE(review): as above, this repeats "disable" where "enable" is presumably intended.
59 # yamllint disable rule:line-length
61 chdir: /tmp/.mep_tmp_cer/
# Signs the server CSR with ca.crt/ca.key; -CAcreateserial creates the CA serial-number file.
# NOTE(review): no -days is given, so openssl's default validity applies (30 days per the
# openssl-x509 documentation). Confirm that is intended, given the CA certificate gets 365.
# NOTE(review): no -extfile is passed, so `-extensions v3_req` likely adds nothing; the
# certificate then carries only CN=edgegallery and no subjectAltName, which clients that
# match hostnames against SAN entries will reject.
63 - name: Openssl mepserver tls csr
64 # yamllint disable rule:line-length
65 command: openssl x509 -req -in server_tls.csr -extensions v3_req -CA ca.crt -CAkey ca.key -CAcreateserial -out server_tls.crt
66 # yamllint disable rule:line-length
68 chdir: /tmp/.mep_tmp_cer/
# JWT signing material: a 2048-bit RSA private key, its public key, and an AES-256
# passphrase-protected copy of the private key.
# NOTE(review): the unencrypted jwt_privatekey remains in the scratch directory alongside
# jwt_encrypted_privatekey; no removal is visible here, so confirm it is deleted once used.
70 - name: Openssl genrsa out
71 command: openssl genrsa -out jwt_privatekey 2048
73 chdir: /tmp/.mep_tmp_cer/
# Extracts the public half of jwt_privatekey into jwt_publickey.
75 - name: Openssl rsa jwt privatekey
76 command: openssl rsa -in jwt_privatekey -pubout -out jwt_publickey
78 chdir: /tmp/.mep_tmp_cer/
# NOTE(review): this task repeats the previous one (same name, command and chdir) and just
# rewrites jwt_publickey; it looks like a copy/paste duplicate that can be dropped.
80 - name: Openssl rsa jwt privatekey
81 command: openssl rsa -in jwt_privatekey -pubout -out jwt_publickey
83 chdir: /tmp/.mep_tmp_cer/
# NOTE(review): `-passout pass:...` exposes the passphrase on the command line (process list,
# and Ansible output unless no_log is set, which is not visible here). Prefer
# `-passout env:VAR` via the task's `environment:` keyword, or `-passout file:...`, with
# `no_log: true`. The same variable protects both the TLS key and the JWT key, so one leak
# exposes both.
85 - name: Openssl rsa in jwt
86 command: openssl rsa -in jwt_privatekey -aes256 -passout pass:{{ vardata.certspass.name}} -out jwt_encrypted_privatekey
88 chdir: /tmp/.mep_tmp_cer/