+#!/bin/bash
+
+# create self-signed CA certificate
+# presumes standard directory of strongswan
+
+#S_I="ipsec"
+
+#echo "question (read variable)"
+#read S_I
+
+VPN_COUNTRY="AUS"
+VPN_IP_ADDRESS="45.32.241.182"
+VPN_NAME="ROB-VPN-AUS"
+
+
+echo "Entering strongswan config directory..."
cd /etc/strongswan/ipsec.d/
strongswan pki --gen --type rsa --size 4096 --outform pem \
> private/strongswanKey.pem
chmod 600 private/strongswanKey.pem
strongswan pki --self --ca --lifetime 3650 \
--in private/strongswanKey.pem --type rsa \
- --dn "C=JP, O=ROB-VPN-JP, CN=207.148.98.140" \
+ --dn "C=$VPN_COUNTRY, O=$VPN_NAME, CN=$VPN_IP_ADDRESS" \
--outform pem \
> cacerts/strongswanCert.pem