堆栈内存溢出
  简体   繁体   English

从bash创建证书以在Mac OS X上签名GDB

[英]Creating certificate to sign GDB on Mac OS X from bash

 原文  2016-01-26 17:38:09       macos/ bash/ certificate/ sign

问题描述

I am trying to install gdb on Mac OS X by following link1 and link2 . 我正在尝试通过遵循link1link2在Mac OS X上安装gdb。 This process is done in four steps: 此过程分为四个步骤:

  1. installing gdb using brew install gdb 使用brew install gdb
  2. creating a certificate 创建证书
  3. sign gdb using codesign -s [cert-name] [your-gdb-location] 使用codesign -s [cert-name] [your-gdb-location] gdb进行签名

How can I automate step 2 in a bash script? 如何在bash脚本中自动执行步骤2?

1 个解决方案

解决方案1
 1 已采纳  2016-01-27 05:17:39

This is my final code (based on here , here and here ): 这是我的最终代码(基于hereherehere ): 

cat > myconfig.cnf << EOF

[ req ]
prompt             = no
distinguished_name = my dn

[ my dn ]
# The bare minimum is probably a commonName
commonName = VENTOS
countryName = XX
localityName = Fun Land
organizationName = MyCo LLC LTD INC (d.b.a. OurCo)
organizationalUnitName = SSL Dept.
stateOrProvinceName = YY
emailAddress = ssl-admin@example.com
name = John Doe
surname = Doe
givenName = John
initials = JXD
dnQualifier = some

[ my server exts ]
keyUsage = digitalSignature
extendedKeyUsage = codeSigning

EOF

echo "generating the private key ..."
openssl genrsa -des3 -passout pass:foobar -out server.key 2048

echo ""
echo "generating the CSR (certificate signing request) ..."
openssl req -new -passin pass:foobar -passout pass:foobar -key server.key -out server.csr -config myconfig.cnf -extensions 'my server exts'

echo ""
echo "generating the self-signed certificate ..."
openssl x509 -req -passin pass:foobar -days 6666 -in server.csr -signkey server.key -out server.crt -extfile myconfig.cnf -extensions 'my server exts'

echo ""
echo "convert crt + RSA private key into a PKCS12 (PFX) file ..."
openssl pkcs12 -export -passin pass:foobar -passout pass:foobar -in server.crt -inkey server.key -out server.pfx

echo ""
echo "importing the certificate ..."
sudo security import server.pfx -k /Library/Keychains/System.keychain -P foobar

Now you can see the certificate listed in System keychains: 现在您可以看到系统钥匙串中列出的证书:

在此处输入图片说明

To sign gdb 签署gdb 

sudo codesign -s VENTOS "$(which gdb)"

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 gdb在创建证书和codesign后无法在mac os下工作 - gdb cannot work under mac os after creating a certificate and codesign 主题:在Mac OS X High Sierra的钥匙串访问中无法为gdb的系统证书进行代码签名 - subject: cannot codesign system certificate for gdb in keychain access in Mac OS X High Sierra Mac OS X无法运行GDB - Mac OS X cannot run GDB 使用GDB在Mac OS X上调试Thunderbird - Debugging Thunderbird on Mac OS X with GDB Mac OS X上的Emacs 24和GDB 6.3 - Emacs 24 and GDB 6.3 on Mac OS X 如何使用自签名证书对Mac OS X内核扩展进行代码签名 - How to code sign Mac OS X kernel extension with self signed certificate 我应该使用哪种证书来签署我的Mac OS X应用程序? - Which certificate should I use to sign my Mac OS X application? 在Mac OS X中从Bash访问当前用户电子邮件和名称 - Access The Current User Email and Name from the Bash in Mac OS X 在Mac OS X中以PEM格式创建Google oauth X.509证书 - Creating google oauth X.509 certificate in PEM format within Mac OS X 在mac os x中创建包 - Creating package in mac os x
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM