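@echo off
rem ---------------------------------------------------------------------------
rem create_self_signed_certificate.bat
rem
rem Creates an RSA private key, a certificate request and a self-signed
rem certificate (PEM, then converted to DER) below a caller-supplied root.
rem
rem Arguments:
rem   1  location_root  directory that receives private\, request\ and certs\
rem   2  unique_name    suffix used in the generated file names
rem   3  subj           subject, of the form
rem                     "/C=COUNTRY/L=LOCATION/ST=STATE/O=ORGANIZATION/OU=ORGANIZATION_UNIT/CN=TO"
rem
rem Exit code: 0 on success, 1 when an argument is missing or a step fails.
rem
rem No setlocal is used, so the variables set below stay visible to a calling
rem script after this one returns.
rem
rem NOTE(review): cmd expands the arguments into command lines before they
rem run. Only pass values that come from a trusted caller.
rem ---------------------------------------------------------------------------

echo Usage: create_self_signed_certificate.bat 'location_root' 'unique_name' 'subj'
rem Percent signs are doubled so the placeholders are printed literally instead
rem of being expanded as (usually undefined) environment variables.
echo where subj has the form: "/C=%%COUNTRY%%/L=%%LOCATION%%/ST=%%STATE%%/O=%%ORGANIZATION%%/OU=%%ORGANIZATION_UNIT%%/CN=%%TO%%"

set "BATCH_DIR=%~dp0"
set "OPENSSL_EXE_DIR=%BATCH_DIR%..\..\..\..\..\Tools\OpenSSL_3.0\Bin\"

rem Quoted comparisons so that empty and quoted arguments are both handled.
if "%~1"=="" goto NO_PATH_CREATE_SELF_SIGNED_CERTIFICATE
if "%~2"=="" goto NO_NAME_CREATE_SELF_SIGNED_CERTIFICATE
if "%~3"=="" goto NO_SUBJ_CREATE_SELF_SIGNED_CERTIFICATE

rem Surrounding quotes are stripped here and re-applied at every point of use.
set "LOCATION=%~1"
set "NAME=%~2"
set "SUBJ=%~3"

set "PRIVATE_KEY_LOCATION=%LOCATION%\private\private_key_%NAME%.pem"
set "REQUEST_LOCATION=%LOCATION%\request\req_%NAME%.csr"
set "CERTIFICATE_LOCATION=%LOCATION%\certs\cert_%NAME%.der"
set "TEMP_CERTIFICATE_LOCATION=%LOCATION%\certs\cert_%NAME%.pem"

echo Root dir: %LOCATION%
echo Name: %NAME%
echo Subject: "%SUBJ%"

echo Step 1	: Initialize location

rem Directories that already exist are left alone; a failed md stops the run.
if not exist "%LOCATION%\" md "%LOCATION%" || goto FAILED_CREATE_SELF_SIGNED_CERTIFICATE
if not exist "%LOCATION%\private\" md "%LOCATION%\private" || goto FAILED_CREATE_SELF_SIGNED_CERTIFICATE
if not exist "%LOCATION%\certs\" md "%LOCATION%\certs" || goto FAILED_CREATE_SELF_SIGNED_CERTIFICATE
if not exist "%LOCATION%\request\" md "%LOCATION%\request" || goto FAILED_CREATE_SELF_SIGNED_CERTIFICATE

echo Step 2	: Creating private key
rem 2048 bits: 1024-bit RSA is below the minimum accepted by current guidance
rem and is rejected by many TLS stacks.
rem The key is written UNENCRYPTED: genrsa only encrypts when a cipher option
rem such as -aes256 is given, so -passout has no effect here. Restrict access
rem to the private\ directory. If the key is ever encrypted, supply the pass
rem phrase through a file: or env: source rather than a literal on the command
rem line, where it is visible in process listings and script history.
"%OPENSSL_EXE_DIR%openssl" genrsa -out "%PRIVATE_KEY_LOCATION%" -passout pass:pass 2048
if errorlevel 1 goto FAILED_CREATE_SELF_SIGNED_CERTIFICATE

echo Step 3	: Creating certificate request
rem NOTE(review): -days is only honoured by req together with -x509; the
rem validity period presumably comes from openssl.cnf in step 4 - confirm.
"%OPENSSL_EXE_DIR%openssl" req -config "%BATCH_DIR%openssl.cnf" -new -days 365 -key "%PRIVATE_KEY_LOCATION%" -outform PEM -out "%REQUEST_LOCATION%" -passin pass:pass -subj "%SUBJ%" -reqexts v3_req_self_signed
if errorlevel 1 goto FAILED_CREATE_SELF_SIGNED_CERTIFICATE

echo Step 4	: Creating self signed cert
"%OPENSSL_EXE_DIR%openssl" ca -config "%BATCH_DIR%openssl.cnf" -batch -selfsign -keyfile "%PRIVATE_KEY_LOCATION%" -in "%REQUEST_LOCATION%" -out "%TEMP_CERTIFICATE_LOCATION%" -subj "%SUBJ%" -passin pass:pass
if errorlevel 1 goto FAILED_CREATE_SELF_SIGNED_CERTIFICATE

rem Convert PEM certificate to DER format
"%OPENSSL_EXE_DIR%openssl" x509 -inform PEM -in "%TEMP_CERTIFICATE_LOCATION%" -outform DER -out "%CERTIFICATE_LOCATION%"
if errorlevel 1 goto FAILED_CREATE_SELF_SIGNED_CERTIFICATE

goto END_CREATE_SELF_SIGNED_CERTIFICATE

:NO_PATH_CREATE_SELF_SIGNED_CERTIFICATE
echo No path has been specified
exit /b 1

rem The label spelling must match the goto above exactly; a mismatch makes cmd
rem abort with "cannot find the batch label" instead of printing this message.
:NO_NAME_CREATE_SELF_SIGNED_CERTIFICATE
echo No name has been specified
exit /b 1

:NO_SUBJ_CREATE_SELF_SIGNED_CERTIFICATE
echo No subject has been specified
exit /b 1

:FAILED_CREATE_SELF_SIGNED_CERTIFICATE
echo Certificate creation failed, see the messages above
exit /b 1

:END_CREATE_SELF_SIGNED_CERTIFICATE
exit /b 0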
