NickWoodhams/ssssl.sh

## ssssl.sh
#!/bin/bash
# Generates a self signed ssl that actually works

DOMAIN1=$1
DOMAIN2=$4
IP_ADDRESS=$2
SSL_PATH=$3
CNF_PATH="$SSL_PATH/$DOMAIN1.cnf"
KEY_PATH="$SSL_PATH/$DOMAIN1.key"
CRT_PATH="$SSL_PATH/$DOMAIN1.crt"

echo ""
echo "DOMAIN1: $DOMAIN1"
echo "DOMAIN2: $DOMAIN2"
echo "IP_ADDRESS: $IP_ADDRESS"
echo "SSL_PATH: $SSL_PATH"
echo "CNF_PATH: $CNF_PATH"
echo "KEY_PATH: $KEY_PATH"
echo "CRT_PATH: $CRT_PATH"
echo ""

if [ ! DOMAIN1 ]; then
    echo "Domain not set, example:"
    echo "ssssl domain.com 49.99.99.99 [www.domain.com] [/etc/ssl]"
    exit 125
fi
if [ ! IP_ADDRESS ]; then
    echo "IP Address not set, example:"
    echo "ssssl domain.com 49.99.99.99 [www.domain.com] [/etc/ssl]"
    exit 125
fi
if [ ! SSL_PATH ]; then
    echo "SSL Path not set, example:"
    echo "ssssl domain.com 49.99.99.99 [www.domain.com] [/etc/ssl]"
    exit 125
fi

# Generate config
echo "---------"
echo ""
echo "Create Self-Signed SSL with these commands:"
echo ""

if [ !DOMAIN2 ]; then
    STMT="echo \"\"\"[req]\ndistinguished_name=req\n[san]\nsubjectAltName=DNS:$DOMAIN1,IP:$IP_ADDRESS\"\"\" | sudo tee $CNF_PATH"
    echo -e $STMT
else
    STMT="echo \"\"\"[req]\ndistinguished_name=req\n[san]\nsubjectAltName=DNS:$DOMAIN1,DNS:$DOMAIN2,IP:$IP_ADDRESS\"\"\" | sudo tee $CNF_PATH"
    echo -e $STMT
fi

echo ""
OPENSSL_CMD="sudo openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes -keyout $KEY_PATH -out $CRT_PATH -extensions san -config $CNF_PATH -subj /CN=$DOMAIN1"
echo $OPENSSL_CMD
echo ""
echo "---------"
echo ""
echo "Here's a nginx snippet for your ssl:"
echo ""
echo "ssl_certificate $CRT_PATH;"
echo "ssl_certificate_key $KEY_PATH;"
echo ""
echo "---------"
	#!/bin/bash
	# Generates a self signed ssl that actually works

	DOMAIN1=$1
	DOMAIN2=$4
	IP_ADDRESS=$2
	SSL_PATH=$3
	CNF_PATH="$SSL_PATH/$DOMAIN1.cnf"
	KEY_PATH="$SSL_PATH/$DOMAIN1.key"
	CRT_PATH="$SSL_PATH/$DOMAIN1.crt"

	echo ""
	echo "DOMAIN1: $DOMAIN1"
	echo "DOMAIN2: $DOMAIN2"
	echo "IP_ADDRESS: $IP_ADDRESS"
	echo "SSL_PATH: $SSL_PATH"
	echo "CNF_PATH: $CNF_PATH"
	echo "KEY_PATH: $KEY_PATH"
	echo "CRT_PATH: $CRT_PATH"
	echo ""

	if [ ! DOMAIN1 ]; then
	echo "Domain not set, example:"
	echo "ssssl domain.com 49.99.99.99 [www.domain.com] [/etc/ssl]"
	exit 125
	fi
	if [ ! IP_ADDRESS ]; then
	echo "IP Address not set, example:"
	echo "ssssl domain.com 49.99.99.99 [www.domain.com] [/etc/ssl]"
	exit 125
	fi
	if [ ! SSL_PATH ]; then
	echo "SSL Path not set, example:"
	echo "ssssl domain.com 49.99.99.99 [www.domain.com] [/etc/ssl]"
	exit 125
	fi

	# Generate config
	echo "---------"
	echo ""
	echo "Create Self-Signed SSL with these commands:"
	echo ""

	if [ !DOMAIN2 ]; then
	STMT="echo \"\"\"[req]\ndistinguished_name=req\n[san]\nsubjectAltName=DNS:$DOMAIN1,IP:$IP_ADDRESS\"\"\" \| sudo tee $CNF_PATH"
	echo -e $STMT
	else
	STMT="echo \"\"\"[req]\ndistinguished_name=req\n[san]\nsubjectAltName=DNS:$DOMAIN1,DNS:$DOMAIN2,IP:$IP_ADDRESS\"\"\" \| sudo tee $CNF_PATH"
	echo -e $STMT
	fi

	echo ""
	OPENSSL_CMD="sudo openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes -keyout $KEY_PATH -out $CRT_PATH -extensions san -config $CNF_PATH -subj /CN=$DOMAIN1"
	echo $OPENSSL_CMD
	echo ""
	echo "---------"
	echo ""
	echo "Here's a nginx snippet for your ssl:"
	echo ""
	echo "ssl_certificate $CRT_PATH;"
	echo "ssl_certificate_key $KEY_PATH;"
	echo ""
	echo "---------"