perl scripts to create certificates for accounts

最新推荐文章于 2023-11-15 15:10:34 发布

原创最新推荐文章于 2023-11-15 15:10:34 发布 · 155 阅读

0 ·

CC 4.0 BY-SA版权

文章标签：

#automation #Security

perl 专栏收录该内容

1 篇文章

订阅专栏

本文介绍了一种使用Perl脚本进行批量证书生成的方法。通过循环遍历不同的参数组合，利用编码后的字符串作为证书注释，并调用OpenSSL命令完成证书请求及签发过程。

[root@localhost ~]# vim /root/newkeys/dbcertkey33.pl

foreach my $line (@encoded) {

$line =~ s/\n//g;

$new_line .= $line;

}

system "sed -i's/nsComment.*=.*/nsComment=\"CN=\\\\\"$new_line\\\\\"\"/g'openssl.cnf";

system "openssl req -new -newkey rsa:1024 -config'openssl.cnf' -out xxx$acc$end$fock$count.pem -subj\"/C=US/ST=California/L=Los Gatos/O=xxx, Inc./CN=\\\"xxxSCEP Server\\\"\" -keyout xxx$acc$end$fock$count\key.pem -nodes-batch;openssl x509 -req -in xxx$acc$end$fock$count.pem -CAkey cakey.pem-CA cacert.pem -extfile 'openssl.cnf' -extensions usr_cert -days 3652 -outxxx$acc$end$fock$count$cert.pem -CAcreateserial -CAserial serial";

[root@localhost ~]# vim /root/newkeys/dbcertkeyok.pl

#!/bin/perl

use MIME::Base64;

use strict;

my $end = 'end';

my $cert = 'cert';

for(my $acc =642; $acc <= 645; $acc++) {

for(my $fock =101; $fock <=300; $fock++) {

for(my $count =11; $count <= 60; $count++) {

my $BASE ="{'policyName': 'policy13316363844223bcd9f10', 'UDID':'86a58553d7e0456d10ba255057fd8216$acc$fock$count', 'checksum':'profile1331636384422b5bc3f8a', 'servicesFlag': '63', 'userID':'xxx$acc$end$fock$count\@xxx.com', 'profileM_mark': '2','displayType': 'iPad2', 'deviceType': 'iPad', 'profileN_name':'profile1331636384422b5bc3f8a', 'profileName': 'profile1331636384422b5bc3f8a','enduserType': 'hostedUser', 'accountID': '$acc'}";

my @encoded = encode_base64("$BASE");

my $new_line = '';

foreach my $line (@encoded) {

$line =~ s/\n//g;

$new_line .= $line;

}

system "sed -i's/nsComment.*=.*/nsComment=\"CN=\\\\\"$new_line\\\\\"\"/g'openssl.cnf";

system "openssl req -new -newkey rsa:1024 -config'openssl.cnf' -out xxx$acc$end$fock$count.pem -subj\"/C=US/ST=California/L=Los Gatos/O=xxx, Inc./CN=\\\"xxxSCEP Server\\\"\" -keyout xxx$acc$end$fock$count\key.pem -nodes-batch;openssl x509 -req -in xxx$acc$end$fock$count.pem -CAkey cakey.pem-CA cacert.pem -extfile 'openssl.cnf' -extensions usr_cert -days 3652 -out xxx$acc$end$fock$count$cert.pem-CAcreateserial -CAserial serial";

}