sslmake/README.md

Making SSL-Certificates
=======================

Creates keys and certificate requests via gnutls.
It tries to keep files, if there exist. But if you change one file,
files which depend on it, will be recreated by this program.

Install
=======

Dependencies
------------

You need GNU-make and gnutls-bin. sslmake is a Makefile, so you really need make!

	apt install make gnutls-bin

Install
-------

First clone this git-repository. Or download only sslmake.

YOu only need to copy it to a directory, which found in your $PATH.

	install --owner root --group root --mode 0755 -t /usr/local/bin sslmake-gnutls

or simple:

	make install

But it's possible to run sslmake local, so, you do not need any install.

	./sslmake exmaple.csr


Howto
=====

All files will be replaced, if files which it depends on, are newer.
For example, if you create the `host.example.net.key`, and you run `sslmake host.example.net.csr`,
your CSR will be replaced be a new. But if your CSR is newer than the KEY,
it will not replace your CSR.

First Use
---------

If you creates something a first time, then you are alright here.
Renewing and removing will follow in 'Second Use'.

* Create the config:

		cat > host.example.net.cfg <<EOF
		cn = host.example.net
		dns_name = host.example.net
		dns_name = additional.example.net.cfg
		tls_www_server

		organization = "Example Inc."
		unit = "NOC"
		state = "Example"
		country = Ex
		signing_key
		encryption_key
		EOF

* Create the CSR:

		sslmake host.example.net.csr
  
	This will use `host.example.net.cfg` as configfile and creates a key (if needed)
	and the csr if didn't exists. Everything in one step.

* Perfect Forward Secrecy

		sslmake host.example.net.dh
sslmake howto removed, and README.md added 2013-02-06 16:48:25 +01:00			`Making SSL-Certificates`
			`=======================`

new examples 2018-11-19 17:15:19 +01:00			`Creates keys and certificate requests via gnutls.`
sslmake howto removed, and README.md added 2013-02-06 16:48:25 +01:00			`It tries to keep files, if there exist. But if you change one file,`
			`files which depend on it, will be recreated by this program.`

ignore any keys, certs, reqs... install-section in readme 2013-02-06 16:56:06 +01:00			`Install`
			`=======`

			`Dependencies`
			`------------`

new examples 2018-11-19 17:15:19 +01:00			`You need GNU-make and gnutls-bin. sslmake is a Makefile, so you really need make!`
ignore any keys, certs, reqs... install-section in readme 2013-02-06 16:56:06 +01:00
new examples 2018-11-19 17:15:19 +01:00			`apt install make gnutls-bin`
ignore any keys, certs, reqs... install-section in readme 2013-02-06 16:56:06 +01:00
			`Install`
			`-------`

			`First clone this git-repository. Or download only sslmake.`

			`YOu only need to copy it to a directory, which found in your $PATH.`

new examples 2018-11-19 17:15:19 +01:00			`install --owner root --group root --mode 0755 -t /usr/local/bin sslmake-gnutls`

			`or simple:`

			`make install`
ignore any keys, certs, reqs... install-section in readme 2013-02-06 16:56:06 +01:00
			`But it's possible to run sslmake local, so, you do not need any install.`

new examples 2018-11-19 17:15:19 +01:00			`./sslmake exmaple.csr`
ignore any keys, certs, reqs... install-section in readme 2013-02-06 16:56:06 +01:00

sslmake howto removed, and README.md added 2013-02-06 16:48:25 +01:00			`Howto`
			`=====`

			`All files will be replaced, if files which it depends on, are newer.`
new examples 2018-11-19 17:15:19 +01:00			For example, if you create the `host.example.net.key`, and you run `sslmake host.example.net.csr`,
sslmake howto removed, and README.md added 2013-02-06 16:48:25 +01:00			`your CSR will be replaced be a new. But if your CSR is newer than the KEY,`
			`it will not replace your CSR.`

			`First Use`
			`---------`

			`If you creates something a first time, then you are alright here.`
			`Renewing and removing will follow in 'Second Use'.`

			`* Create the config:`

new examples 2018-11-19 17:15:19 +01:00			`cat > host.example.net.cfg <<EOF`
			`cn = host.example.net`
			`dns_name = host.example.net`
			`dns_name = additional.example.net.cfg`
			`tls_www_server`
sslmake howto removed, and README.md added 2013-02-06 16:48:25 +01:00
new examples 2018-11-19 17:15:19 +01:00			`organization = "Example Inc."`
			`unit = "NOC"`
			`state = "Example"`
			`country = Ex`
			`signing_key`
			`encryption_key`
			`EOF`
sslmake howto removed, and README.md added 2013-02-06 16:48:25 +01:00
			`* Create the CSR:`

new examples 2018-11-19 17:15:19 +01:00			`sslmake host.example.net.csr`
sslmake howto removed, and README.md added 2013-02-06 16:48:25 +01:00
new examples 2018-11-19 17:17:00 +01:00			This will use `host.example.net.cfg` as configfile and creates a key (if needed)
			`and the csr if didn't exists. Everything in one step.`
new examples 2018-11-19 17:15:19 +01:00
			`* Perfect Forward Secrecy`

			`sslmake host.example.net.dh`