From 75b79916fe81d6b0305b4f0792936f588b8b6dd4 Mon Sep 17 00:00:00 2001
From: Galileo <46945263+641i130@users.noreply.github.com>
Date: Tue, 31 Jan 2023 01:24:09 -0600
Subject: [PATCH] aoeu

---
 .gitignore  |  3 ++-
 src/main.rs |  4 ++--
 ssl.sh      | 23 +++++++++++++++++++++++
 3 files changed, 27 insertions(+), 3 deletions(-)
 create mode 100644 ssl.sh

diff --git a/.gitignore b/.gitignore
index d5b1bcf..2ebb7e0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,4 +2,5 @@
 Cargo.lock
 *.pem
 *.crt
-*.key
\ No newline at end of file
+*.key
+*.pfx
diff --git a/src/main.rs b/src/main.rs
index c874c10..4b8e997 100755
--- a/src/main.rs
+++ b/src/main.rs
@@ -85,9 +85,9 @@ async fn main() -> std::io::Result<()> {
     println!("Starting!!!");
     // Load key files
     let cert_file = &mut BufReader::new(
-        File::open("out_server.crt").unwrap());
+        File::open("cert.pem").unwrap());
     let key_file = &mut BufReader::new(
-        File::open("rootCA.key").unwrap());
+        File::open("key.pem").unwrap());
 
     // Parse the certificate and set it in the configuration
     let cert_chain = certs(cert_file).unwrap();
diff --git a/ssl.sh b/ssl.sh
new file mode 100644
index 0000000..634e3bf
--- /dev/null
+++ b/ssl.sh
@@ -0,0 +1,23 @@
+#Step 1: Create a Root CA key
+openssl genpkey -algorithm RSA -out rootCA.key
+
+# Step 2: Create a Root CA self-signed certificate
+openssl req -new -key rootCA.key -out rootCA.csr -subj "/CN=nesys"
+openssl x509 -req -in rootCA.csr -out rootCA.crt -signkey rootCA.key -days 3650
+
+# Step 3: Create a certificate key
+openssl genpkey -algorithm RSA -out cert.key
+
+# Step 4: Create a certificate signing request (CSR)
+openssl req -new -key cert.key -out cert.csr -subj "/CN=PREMIUM"
+
+# Step 5: Add subject alternative names (SAN) to the CSR
+echo "subjectAltName = IP:127.0.0.1,DNS:localhost,DNS:cert3.nesys.jp,DNS:data.nesys.jp,DNS:proxy.nesys.jp,DNS:nesys.taito.co.jp,DNS:fjm170920zero.nesica.net" >> cert.ext
+openssl req -in cert.csr -out cert.csr -config cert.ext
+
+# Step 6: Sign the certificate with the Root CA
+openssl x509 -req -in cert.csr -out cert.crt -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -days 3650 -extfile cert.ext
+
+# Finalize
+openssl x509 -in cert.crt -out cert.pem -outform PEM
+openssl rsa -in cert.key -out key.pem -outform PEM
\ No newline at end of file