Generate self signed certificates

cert.sh

#!/bin/sh

Setup(){
echo "***********************"
echo "* Install step cli    *"
echo "***********************"
	apt update -y && apt install -f wget
	cd /data/
	wget https://github.com/smallstep/cli/releases/download/v0.15.2/step-cli_0.15.2_amd64.deb		
	dpkg -i step-cli_*_amd64.deb

echo "**************************"
echo "* Create self sign Cert  *"
echo "**************************"
	mkdir -p /srv/tls && cd /srv/tls
	step certificate create root-ca root-ca.crt root-ca.key --profile root-ca
	step certificate install root-ca.crt
	step certificate create  $(hostname -f) server.crt server.key --san $(hostname -f) --san $(hostname -s) --profile leaf --ca ./root-ca.crt --ca-key ./root-ca.key --no-password --insecure --not-after "$(date --date "next year" -Iseconds)"
	step certificate bundle server.crt root-ca.crt bundle.crt
	chmod 644 bundle.crt
	chmod 640 server.key
	chown .www-data server.key
sed -i "s;SSLCertificateKeyFile.*;SSLCertificateKeyFile /srv/tls/server.key;" /etc/apache2/sites-enabled/default-ssl.conf
sed -i "s;SSLCertificateFile.*;SSLCertificateFile /srv/tls/server.crt;" /etc/apache2/sites-enabled/default-ssl.conf

}

Setup