Created
December 4, 2015 07:31
-
-
Save PowerKiKi/02a90c765d7b79e7f64d to your computer and use it in GitHub Desktop.
Generate self-signed wildcard SSL certificate for development environment
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # print usage | |
| DOMAIN=$1 | |
| if [ -z "$1" ]; then | |
| echo "USAGE: $0 domain.lan" | |
| echo "" | |
| echo "This will generate a non-secure self-signed wildcard certificate for given domain." | |
| echo "This should only be used in a development environment." | |
| exit | |
| fi | |
| # Add wildcard | |
| WILDCARD="*.$DOMAIN" | |
| # Set our CSR variables | |
| SUBJ=" | |
| C=US | |
| ST=NY | |
| O=Local Developement | |
| localityName=Local Developement | |
| commonName=$WILDCARD | |
| organizationalUnitName=Local Developement | |
| emailAddress= | |
| " | |
| # Generate our Private Key, CSR and Certificate | |
| openssl genrsa -out "$DOMAIN.key" 2048 | |
| openssl req -new -subj "$(echo -n "$SUBJ" | tr "\n" "/")" -key "$DOMAIN.key" -out "$DOMAIN.csr" | |
| openssl x509 -req -days 3650 -in "$DOMAIN.csr" -signkey "$DOMAIN.key" -out "$DOMAIN.crt" | |
| rm "$DOMAIN.csr" | |
| echo "" | |
| echo "Next manual steps:" | |
| echo "- Use $DOMAIN.crt and $DOMAIN.key to configure Apache/nginx" | |
| echo "- Import $DOMAIN.crt into Chrome settings: chrome://settings/certificates > tab 'Authorities'" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
For one off generation without a CA, see the fork: https://gist.github.com/dmadisetti/16006751fd6e1526fa9c2f2e1660e8e3
Otherwise just use Ben's scripts