DrPsychick/cups-cert.sh

## cups-cert.sh
# generate a root CA (which will be your master certificate)
openssl req -x509 -nodes -new -sha256 -days 1024 -newkey rsa:2048 \
  -keyout RootCA.key -out RootCA.pem \
  -subj "/C=DE/CN=Root CA for .mydomain"
openssl x509 -outform pem -in RootCA.pem -out RootCA.crt

# import the cert as trusted on macOS
sudo security add-trusted-cert -d -r trustRoot \
  -k /Library/Keychains/System.keychain RootCA.crt

# generate a certificate for `cups.mydomain`
openssl req -new -nodes -newkey rsa:2048 -keyout cups.key \
  -out cups.csr \
  -subj "/C=DE/ST=BW/L=Karlsruhe/O=mydomain/CN=cups.mydomain"
openssl x509 -req -sha256 -days 1024 -in cups.csr \
  -CA RootCA.pem -CAkey RootCA.key -CAcreateserial \
  -out cups.crt

# get the certificate in one line
# and pass it via ENV to the container
echo "CUPS_SSL_CERT=$(cat cups.crt)" | sed -e "s/$/\\\n/g" \
  | tr -d '\n'
echo "CUPS_SSL_KEY=$(cat cups.key)" | sed -e "s/$/\\\n/g" \
  | tr -d '\n'
	# generate a root CA (which will be your master certificate)
	openssl req -x509 -nodes -new -sha256 -days 1024 -newkey rsa:2048 \
	-keyout RootCA.key -out RootCA.pem \
	-subj "/C=DE/CN=Root CA for .mydomain"
	openssl x509 -outform pem -in RootCA.pem -out RootCA.crt

	# import the cert as trusted on macOS
	sudo security add-trusted-cert -d -r trustRoot \
	-k /Library/Keychains/System.keychain RootCA.crt

	# generate a certificate for `cups.mydomain`
	openssl req -new -nodes -newkey rsa:2048 -keyout cups.key \
	-out cups.csr \
	-subj "/C=DE/ST=BW/L=Karlsruhe/O=mydomain/CN=cups.mydomain"
	openssl x509 -req -sha256 -days 1024 -in cups.csr \
	-CA RootCA.pem -CAkey RootCA.key -CAcreateserial \
	-out cups.crt

	# get the certificate in one line
	# and pass it via ENV to the container
	echo "CUPS_SSL_CERT=$(cat cups.crt)" \| sed -e "s/$/\\\n/g" \
	\| tr -d '\n'
	echo "CUPS_SSL_KEY=$(cat cups.key)" \| sed -e "s/$/\\\n/g" \
	\| tr -d '\n'