# How to use CA.pl
# put openssl.cnf in /etc/ssl
$ chmod +x CA.pl	# once only, obviously
$ ./CA.pl -newca	# only the first time, this creates your CA
$ ./CA.pl -newreq
$ ./CA.pl -signreq
$ ./CA.pl -pkcs12 "friendly name"

			# beware that your req/cert/key will be "newblah",
			#  so make sure to move them out of the way before
			#  generating a second cert, to make sure they don't
			#  get clubbered.