diff options
Diffstat (limited to 'local/certgen-test.pl')
-rw-r--r-- | local/certgen-test.pl | 66 |
1 files changed, 66 insertions, 0 deletions
diff --git a/local/certgen-test.pl b/local/certgen-test.pl new file mode 100644 index 0000000..b335428 --- /dev/null +++ b/local/certgen-test.pl @@ -0,0 +1,66 @@ +#!/usr/bin/perl + +system("rm -rf /tmp/.snmp1"); +system("rm -rf /tmp/.snmp2"); + +system("cp net-snmp-cert ~/bin"); + +$str = "\ngenca (in -C /tmp/.snmp1) : ca-snmp\n\n"; +print("$str"); +die("$str\n") if system("net-snmp-cert genca -I -C /tmp/.snmp1 --cn ca-snmp --email ca\@ca.com --host host.a.b.com --san DNS:ca.a.b.com --san EMAIL:ca\@ca.com"); + +print "\nusing -C /tmp/.snmp2 for all following tests\n"; +$str = "\ngenca: ca-snmp\n\n"; +print("$str"); +die("$str\n") if system("net-snmp-cert genca -I -C /tmp/.snmp2 --cn ca-snmp --email ca\@ca.com --host host.a.b.com --san DNS:ca.a.b.com --san EMAIL:ca\@ca.com"); + +$str = "\ngenca: ca-snmp-2 (signed w/ ca-snmp)\n\n"; +print("$str"); +die("$str\n") if system("net-snmp-cert genca -I -C /tmp/.snmp2 --with-ca ca-snmp --cn ca-snmp-2 --email ca2\@ca.com --host host2.a.b.com --san DNS:ca2.a.b.com --san EMAIL:ca2\@ca.com"); + +$str = "\ngencsr: snmpapp\n\n"; +print("$str"); +die("$str\n") if system("net-snmp-cert gencsr -I -C /tmp/.snmp2 -t snmpapp --cn 'admin' --email admin@net-snmp.org --host admin-host.net-snmp.org --san EMAIL:a\@b.com --san IP:1.2.3.4 --san DNS:admin.a.b.org"); + +$str = "\nsigncsr: snmpapp w/ca-snmp\n\n"; +print("$str"); +die("died: $str\n") if system("net-snmp-cert signcsr -I -C /tmp/.snmp2 --with-ca ca-snmp --csr snmpapp --install"); + +$str = "\nsigncsr: snmpapp w/ca-snmp-2\n\n"; +print("$str"); +die("$str\n") if system("net-snmp-cert signcsr -I -C /tmp/.snmp2 --with-ca ca-snmp-2 --csr snmpapp --san EMAIL:noinstall\@b.com --san IP:5.6.7.8"); + +$str = "\ngencert: snmptrapd (self-signed)\n\n"; +print("$str"); +die("$str\n") if system("net-snmp-cert gencert -I -C /tmp/.snmp2 -t snmptrapd --cn 'NOC' --email 'noc\@net-snmp.org' --host noc-host.net-snmp.org --san DNS:noc.a.b.org --san 'EMAIL:noc\@net-snmp.org'"); + +$str = "\ngencert: snmpd (signed w/ ca-snmp-2)\n\n"; +print("$str"); +die("$str\n") if system("net-snmp-cert gencert -I -C /tmp/.snmp2 -t snmpd --with-ca ca-snmp-2 --email snmpd\@net-snmp.org --host snmpd-host.net-snmp.org --san DNS:snmpd.a.b.org --san EMAIL:snmpd\@net-snmp.org"); + +system("cp net-snmp-cert.conf /tmp/.snmp2"); + +$str = "\ngenca (in -C /tmp/.snmp2 -i CA-identity)\n\n"; +print("$str"); +die("$str\n") if system("net-snmp-cert genca -I -C /tmp/.snmp2 -i CA-identity"); + +$str = "\ngencert (in -C /tmp/.snmp2 -i nocadm -t snmp-identity)\n\n"; +print("$str"); +die("$str\n") if system("net-snmp-cert gencert -I -C /tmp/.snmp2 -t snmp-identity -i nocadm --with-ca CA-identity"); + + +$str = "\nshow CAs\n\n"; +print("$str"); +die("$str\n") if system("net-snmp-cert -C /tmp/.snmp2 showca --issuer --subject"); + +$str = "show Certs\n\n"; +print("$str"); +die("$str\n") if system("net-snmp-cert -C /tmp/.snmp2 showcert --issuer --subject"); + +$str = "show CAs fingerprint\n\n"; +print("$str"); +die("$str\n") if system("net-snmp-cert -C /tmp/.snmp2 showca --fingerprint --brief"); + +$str = "\nshow Certs fingerprint\n\n"; +print("$str"); +die("$str\n") if system("net-snmp-cert -C /tmp/.snmp2 showcert --fingerprint --brief"); |