echo off

echo Usage create_root_ca_cert.bat 'location_root' 'subj'
echo where subj has the form: "/C=%COUNTRY%/L=%LOCATION%/ST=%STATE%/O=%ORGANIZATION%/OU=%ORGANIZATION_UNIT%/CN=%TO%"

SET BATCH_DIR=%~dp0
SET OPENSSL_EXE_DIR=%BATCH_DIR%..\..\..\Tools\OpenSSL_3.0\Bin\

if %1.==. GOTO NO_PATH
if %2.==. GOTO NO_SUBJ

set LOCATION=%~1
set SUBJ=%2

set CA_PRIVATE_KEY_LOCATION=%LOCATION%\private\ca_private_key.pem
set CA_DER_CERTIFICATE_LOCATION=%LOCATION%\certs\ca_cert.der
set CA_PEM_CERTIFICATE_LOCATION=%LOCATION%\ca_cert.pem

echo Root dir: %LOCATION%
echo CA private key location: %CA_PRIVATE_KEY_LOCATION%
echo CA certificate location: %CA_CERTIFICATE_LOCATION%
echo Creating CA root certificate

echo Step 1	: Initialize location

md "%LOCATION%"
md "%LOCATION%\private"
md "%LOCATION%\certs"
md "%LOCATION%\crl"
md "%LOCATION%\request"
md "%LOCATION%\rejected_certificates"

echo Step 2	: Creating CA (root) certificate
rem openssl req -new -x509 -days 3650 -keyform DER -keyout %CA_PRIVATE_KEY_LOCATION% -outform DER -out %CA_DER_CERTIFICATE_LOCATION% -passout pass:pass -subj %SUBJ%
"%OPENSSL_EXE_DIR%openssl" req -config "%BATCH_DIR%openssl.cnf" -new -x509 -days 3650 -keyform DER -keyout "%CA_PRIVATE_KEY_LOCATION%" -outform DER -out "%CA_DER_CERTIFICATE_LOCATION%"  -passout pass:pass

echo Step 3	: Convert CA (root) certificate, in PEM format
"%OPENSSL_EXE_DIR%openssl" x509 -inform DER -in "%CA_DER_CERTIFICATE_LOCATION%" -outform PEM -out "%CA_PEM_CERTIFICATE_LOCATION%"

GOTO END

:NO_PATH
echo No path has been specified
GOTO END

:NO_SUBJ
echo No subject has been specified
GOTO END_CERTIFICATE_REQUEST

:END