Skip to content

Instantly share code, notes, and snippets.

@NickWoodhams
Last active March 30, 2020 17:45
Show Gist options
  • Save NickWoodhams/9b7fd297f48329f6ff1629a193faf36f to your computer and use it in GitHub Desktop.
Save NickWoodhams/9b7fd297f48329f6ff1629a193faf36f to your computer and use it in GitHub Desktop.
Generates commands to create a self signed ssl that actually works. No browser errors as of 06-25-2019!
#!/bin/bash
# Generates a self signed ssl that actually works
DOMAIN1=$1
DOMAIN2=$4
IP_ADDRESS=$2
SSL_PATH=$3
CNF_PATH="$SSL_PATH/$DOMAIN1.cnf"
KEY_PATH="$SSL_PATH/$DOMAIN1.key"
CRT_PATH="$SSL_PATH/$DOMAIN1.crt"
echo ""
echo "DOMAIN1: $DOMAIN1"
echo "DOMAIN2: $DOMAIN2"
echo "IP_ADDRESS: $IP_ADDRESS"
echo "SSL_PATH: $SSL_PATH"
echo "CNF_PATH: $CNF_PATH"
echo "KEY_PATH: $KEY_PATH"
echo "CRT_PATH: $CRT_PATH"
echo ""
if [ ! DOMAIN1 ]; then
echo "Domain not set, example:"
echo "ssssl domain.com 49.99.99.99 [www.domain.com] [/etc/ssl]"
exit 125
fi
if [ ! IP_ADDRESS ]; then
echo "IP Address not set, example:"
echo "ssssl domain.com 49.99.99.99 [www.domain.com] [/etc/ssl]"
exit 125
fi
if [ ! SSL_PATH ]; then
echo "SSL Path not set, example:"
echo "ssssl domain.com 49.99.99.99 [www.domain.com] [/etc/ssl]"
exit 125
fi
# Generate config
echo "---------"
echo ""
echo "Create Self-Signed SSL with these commands:"
echo ""
if [ !DOMAIN2 ]; then
STMT="echo \"\"\"[req]\ndistinguished_name=req\n[san]\nsubjectAltName=DNS:$DOMAIN1,IP:$IP_ADDRESS\"\"\" | sudo tee $CNF_PATH"
echo -e $STMT
else
STMT="echo \"\"\"[req]\ndistinguished_name=req\n[san]\nsubjectAltName=DNS:$DOMAIN1,DNS:$DOMAIN2,IP:$IP_ADDRESS\"\"\" | sudo tee $CNF_PATH"
echo -e $STMT
fi
echo ""
OPENSSL_CMD="sudo openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes -keyout $KEY_PATH -out $CRT_PATH -extensions san -config $CNF_PATH -subj /CN=$DOMAIN1"
echo $OPENSSL_CMD
echo ""
echo "---------"
echo ""
echo "Here's a nginx snippet for your ssl:"
echo ""
echo "ssl_certificate $CRT_PATH;"
echo "ssl_certificate_key $KEY_PATH;"
echo ""
echo "---------"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment