.PHONY: help init cert-%

help:
	@echo "## Welcome, SWAN Manager Certificate Master! What's your target to make?"
	@echo ""
	@echo "init            Initialize Server CA, Server Certs and Client CA."
	@echo "cert            Generate certificate for a Service Node"
	@echo ""

init:
	#=== Generate Controller CA ===
	@openssl genrsa -out controller-ca.key 4096
	@openssl req -x509 -new -nodes -key controller-ca.key -sha256 -days 3650 -out controller-ca.crt -subj "/C=US/ST=California/L=Palo Alto/O=AmiaNetworks/OU=ASN/CN=Controller"

	#=== Generate Controller Cert ===
	@openssl genrsa -out controller.key 2048
	@openssl req -new -key controller.key -out controller.csr -subj "/C=US/ST=California/L=Palo Alto/O=AmiaNetworks/OU=ASN/CN=Controller"
	@openssl x509 -req -in controller.csr -CA controller-ca.crt -CAkey controller-ca.key -CAcreateserial -out controller.pem -days 825 -sha256 -extfile v3.ext

	#=== Generate Node CA ===
	@openssl genrsa -out node-ca.key 4096
	@openssl req -x509 -new -nodes -key node-ca.key -sha256 -days 3650 -out node-ca.crt -subj "/C=US/ST=California/L=Palo Alto/O=AmiaNetworks/OU=ASN/CN=ServiceNode"

cert:
	#=== Generate Node Cert ===
	@openssl genrsa -out node.key 2048
	@openssl req -new -key node.key -out node.csr -subj "/C=US/ST=California/L=Palo Alto/O=AmiaNetworks/OU=SapphireIAM/CN=ServiceNode"
	@openssl x509 -req -in node.csr -CA node-ca.crt -CAkey node-ca.key -CAcreateserial -out node.pem -days 3650 -sha256
	@rm node.csr
