Last active
December 22, 2020 18:10
-
-
Save Snehal1112/40699211738c8faaa6576d4f58b12920 to your computer and use it in GitHub Desktop.
Generate self signed certificates
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
Setup(){ | |
echo "***********************" | |
echo "* Install step cli *" | |
echo "***********************" | |
apt update -y && apt install -f wget | |
cd /data/ | |
wget https://github.com/smallstep/cli/releases/download/v0.15.2/step-cli_0.15.2_amd64.deb | |
dpkg -i step-cli_*_amd64.deb | |
echo "**************************" | |
echo "* Create self sign Cert *" | |
echo "**************************" | |
mkdir -p /srv/tls && cd /srv/tls | |
step certificate create root-ca root-ca.crt root-ca.key --profile root-ca | |
step certificate install root-ca.crt | |
step certificate create $(hostname -f) server.crt server.key --san $(hostname -f) --san $(hostname -s) --profile leaf --ca ./root-ca.crt --ca-key ./root-ca.key --no-password --insecure --not-after "$(date --date "next year" -Iseconds)" | |
step certificate bundle server.crt root-ca.crt bundle.crt | |
chmod 644 bundle.crt | |
chmod 640 server.key | |
chown .www-data server.key | |
sed -i "s;SSLCertificateKeyFile.*;SSLCertificateKeyFile /srv/tls/server.key;" /etc/apache2/sites-enabled/default-ssl.conf | |
sed -i "s;SSLCertificateFile.*;SSLCertificateFile /srv/tls/server.crt;" /etc/apache2/sites-enabled/default-ssl.conf | |
} | |
Setup |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment