(command.CommandList children: [ (command.ShAssignment pairs: [ (assign_pair lhs: (sh_lhs_expr.Name name:password) op: assign_op.Equal rhs: {<Id.KW_Pass pass> <Id.Lit_Other ':'> <dartdart>} spids: [23] ) ] ) (command.If arms: [ (if_arm cond: [ (command.Sentence child: (C {<Id.Lit_LBracket '['>} {<-d>} {(DQ <certificates>)} {<Id.Lit_RBracket ']'>}) terminator: <Id.Op_Semi _> ) ] action: [ (C {<mv>} {<certificates/server_key.pem>} {<certificates/untrusted_server_key.pem>}) (C {<mv>} {<certificates/server_chain.pem>} {<certificates/untrusted_server_chain.pem>}) ] spids: [35 48] ) ] else_action: [(C {<mkdir>} {<certificates>})] ) (C {<mkdir>} {<-p>} {<certificate_authority>}) (C {<cd>} {<certificate_authority>}) (C {<openssl>} {<req>} {<-subj>} {</CN> <Id.Lit_Equals '='> <rootauthority>} {<-set_serial>} {<1>} {<-batch>} {<-verbose>} {<-passout>} {($ Id.VSub_DollarName '$password')} {<-new>} {<-x509>} {<-keyout>} {<root_authority_key.pem>} {<-out>} {<root_authority.pem>} {<-days>} {<3650>} ) (C {<openssl>} {<req>} {<-subj>} {</CN> <Id.Lit_Equals '='> <intermediateauthority>} {<-batch>} {<-verbose>} {<-passout>} {($ Id.VSub_DollarName '$password')} {<-new>} {<-keyout>} {<intermediate_authority_key.pem>} {<-out>} {<intermediate_authority_request.pem>} ) (C {<openssl>} {<x509>} {<-req>} {<-in>} {<intermediate_authority_request.pem>} {<-out>} {<intermediate_authority.pem>} {<-set_serial>} {<2>} {<-CA>} {<root_authority.pem>} {<-CAkey>} {<root_authority_key.pem>} {<-passin>} {($ Id.VSub_DollarName '$password')} {<-extfile>} {<../sample_certificate_v3_extensions>} {<-extensions>} {<intermediate_authority>} {<-days>} {<3650>} ) (C {<openssl>} {<req>} {<-subj>} {</CN> <Id.Lit_Equals '='> <localhost>} {<-batch>} {<-verbose>} {<-passout>} {($ Id.VSub_DollarName '$password')} {<-new>} {<-keyout>} {<localhost_key.pem>} {<-out>} {<localhost_request.pem>} ) (C {<openssl>} {<x509>} {<-req>} {<-in>} {<localhost_request.pem>} {<-out>} {<localhost.pem>} {<-set_serial>} {<1>} {<-CA>} {<intermediate_authority.pem>} {<-CAkey>} {<intermediate_authority_key.pem>} {<-passin>} {($ Id.VSub_DollarName '$password')} {<-extfile>} {<../sample_certificate_v3_extensions>} {<-extensions>} {<localhost>} {<-days>} {<3650>} ) (C {<openssl>} {<req>} {<-subj>} {</CN> <Id.Lit_Equals '='> <clientauthority>} {<-set_serial>} {<1>} {<-batch>} {<-verbose>} {<-passout>} {($ Id.VSub_DollarName '$password')} {<-new>} {<-x509>} {<-keyout>} {<client_authority_key.pem>} {<-out>} {<client_authority.pem>} {<-config>} {<../sample_certificate_v3_extensions>} {<-extensions>} {<client_authority>} {<-days>} {<3650>} ) (C {<openssl>} {<req>} {<-subj>} {</CN> <Id.Lit_Equals '='> <user1>} {<-batch>} {<-verbose>} {<-passout>} {($ Id.VSub_DollarName '$password')} {<-new>} {<-keyout>} {<client1_key.pem>} {<-out>} {<client1_request.pem>} ) (C {<openssl>} {<req>} {<-subj>} {</CN> <Id.Lit_Equals '='> <user2>} {<-batch>} {<-verbose>} {<-passout>} {($ Id.VSub_DollarName '$password')} {<-new>} {<-keyout>} {<client2_key.pem>} {<-out>} {<client2_request.pem>} ) (C {<openssl>} {<x509>} {<-req>} {<-in>} {<client1_request.pem>} {<-out>} {<client1.pem>} {<-set_serial>} {<2>} {<-CA>} {<client_authority.pem>} {<-CAkey>} {<client_authority_key.pem>} {<-passin>} {($ Id.VSub_DollarName '$password')} {<-extfile>} {<../sample_certificate_v3_extensions>} {<-extensions>} {<client_certificate>} {<-days>} {<3650>} ) (C {<openssl>} {<x509>} {<-req>} {<-in>} {<client2_request.pem>} {<-out>} {<client2.pem>} {<-set_serial>} {<3>} {<-CA>} {<client_authority.pem>} {<-CAkey>} {<client_authority_key.pem>} {<-passin>} {($ Id.VSub_DollarName '$password')} {<-extfile>} {<../sample_certificate_v3_extensions>} {<-extensions>} {<client_certificate>} {<-days>} {<3650>} ) (C {<rm>} {<root_authority_key.pem>}) (C {<rm>} {<intermediate_authority.pem>}) (C {<rm>} {<client_authority_key.pem>}) (command.ShAssignment pairs: [ (assign_pair lhs: (sh_lhs_expr.Name name:CERTS) op: assign_op.Equal rhs: {<../certificates>} spids: [561] ) ] ) (command.Simple words: [{<cat>} {<localhost.pem>} {<intermediate_authority.pem>} {<root_authority.pem>}] redirects: [ (redir.Redir op: <Id.Redir_Great '>'> fd: -1 arg_word: {($ Id.VSub_DollarName '$CERTS') </server_chain.pem>} ) ] ) (command.Simple words: [{<cat>} {<intermediate_authority.pem>} {<root_authority.pem>} {<client_authority.pem>}] redirects: [ (redir.Redir op: <Id.Redir_Great '>'> fd: -1 arg_word: {($ Id.VSub_DollarName '$CERTS') </server_trusted.pem>} ) ] ) (C {<openssl>} {<pkcs8>} {<-in>} {<localhost_key.pem>} {<-out>} {($ Id.VSub_DollarName '$CERTS') </server_key.pem>} {<-topk8>} {<-v1>} {<PBE-SHA1-RC4-128>} {<-passin>} {($ Id.VSub_DollarName '$password')} {<-passout>} {($ Id.VSub_DollarName '$password')} ) (C {<openssl>} {<pkcs8>} {<-in>} {<client1_key.pem>} {<-out>} {($ Id.VSub_DollarName '$CERTS') </client1_key.pem>} {<-topk8>} {<-v1>} {<PBE-SHA1-RC4-128>} {<-passin>} {($ Id.VSub_DollarName '$password')} {<-passout>} {($ Id.VSub_DollarName '$password')} ) (C {<openssl>} {<pkcs8>} {<-in>} {<client2_key.pem>} {<-out>} {($ Id.VSub_DollarName '$CERTS') </client2_key.pem>} {<-topk8>} {<-v1>} {<PBE-SHA1-RC4-128>} {<-passin>} {($ Id.VSub_DollarName '$password')} {<-passout>} {($ Id.VSub_DollarName '$password')} ) (C {<cp>} {<root_authority.pem>} {($ Id.VSub_DollarName '$CERTS') </trusted_certs.pem>}) (C {<cp>} {<client_authority.pem>} {($ Id.VSub_DollarName '$CERTS')}) (C {<cp>} {<client1.pem>} {($ Id.VSub_DollarName '$CERTS')}) (C {<cp>} {<client2.pem>} {($ Id.VSub_DollarName '$CERTS')}) (C {<cd>} {<..>}) ] )