@ViktorStiskala
Last active January 19, 2016 21:24
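# Install the generator into /usr/local/bin.
# The raw URL is pinned to a single gist revision (the hash after /raw/), so the
# bytes fetched do not change when the gist is edited later. Read the downloaded
# script before running it: it ends up in a directory on root's PATH.
# The download goes to a temp file first, so a failed or partial transfer never
# replaces or truncates an already-installed executable.
tmp=$(mktemp) &&
  wget -O "$tmp" 'https://gist.githubusercontent.com/hareevs/10252835/raw/f167b8584b306b23bc2e001a23b3cb68d75f91dc/SSL%2520cert%2520generator.sh' &&
  install -m 0755 "$tmp" /usr/local/bin/generate-ssl-cert
rm -f -- "$tmp"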
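#!/bin/bash
# Interactive helper: generates an RSA private key and a matching certificate
# signing request (CSR), optionally carrying subjectAltName DNS entries.
# Writes <filename>.key and <filename>.csr relative to the current directory.

# CONFIGURATION
# Path of the default OpenSSL config, scraped from the banner `openssl ca` prints.
openssl_config_file=$(openssl ca 2>&1 | grep "Using configuration from" | sed 's/Using configuration from //g')

################################################################################

txtgrn='\e[0;32m'
txtred='\e[0;31m'
txtrst='\e[0m'

# Without a readable base config the request below cannot be built; stop early
# instead of handing openssl an empty config.
if [[ -z "$openssl_config_file" || ! -r "$openssl_config_file" ]]; then
  echo -e "${txtred}Could not locate a readable OpenSSL configuration file${txtrst}" >&2
  exit 1
fi

config_tempfile=$(mktemp --suffix openssl) || {
  echo -e "${txtred}Could not create temporary config file${txtrst}" >&2
  exit 1
}
# Remove the temp config on every exit path. Single quotes defer expansion so the
# path is quoted when the trap runs; the signal trap turns termination into a
# normal exit, which then fires the EXIT trap.
trap 'rm -f -- "$config_tempfile"' EXIT
trap 'exit 1' SIGHUP SIGINT SIGQUIT SIGTERM

read -r -p "Key length [2048]: " keysize
keysize=${keysize:-2048}
# The value is passed to openssl as rsa:<bits>; accept digits only.
if [[ ! "$keysize" =~ ^[0-9]+$ ]]; then
  echo -e "${txtred}Key length must be a positive integer${txtrst}" >&2
  exit 1
fi
# 10# forces base 10 so input with a leading zero is not parsed as octal.
if (( 10#$keysize < 2048 )); then
  echo -e "${txtred}Warning: RSA keys shorter than 2048 bits are considered weak${txtrst}" >&2
fi

read -r -p "Destination filename [server]: " filename
filename=${filename:-server}

echo -ne "$txtgrn"
# Read the names straight into an array: the words are split on whitespace but
# never glob-expanded, so a wildcard name such as *.example.com stays literal.
read -r -p "Enter subject alternative names separated by whitespace []: " -a altnames
echo -ne "$txtrst"

# copy content to config tempfile
cat "$openssl_config_file" > "$config_tempfile"

# Counting array elements (instead of `[ ! -z $altnames ]`) keeps this branch
# working when more than one name is entered; the unquoted test errored out on
# multiple words, so the v3_req/alt_names sections were skipped and the DNS
# entries never reached the CSR.
if (( ${#altnames[@]} > 0 )); then
  cat >> "$config_tempfile" << 'EOF'
[req]
req_extensions = v3_req
[ v3_req ]
# Extensions to add to a certificate request
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names
[alt_names]
EOF

  # expand altnames: one DNS.N entry per name, directly under [alt_names]
  counter=1
  for name in "${altnames[@]}"; do
    printf 'DNS.%d = %s\n' "$counter" "$name" >> "$config_tempfile"
    counter=$((counter + 1))
  done
fi

# generate key + csr
# -nodes leaves the private key unencrypted on disk, so the files are created
# under a restrictive umask (subshell only). New files come out owner-only; a
# pre-existing ${filename}.key keeps whatever mode it already had.
if (
  umask 077
  openssl req -nodes -newkey "rsa:$keysize" -keyout "${filename}.key" -out "${filename}.csr" -config "$config_tempfile"
); then
  echo -e "${txtgrn}Generated certificate:"
  # Show the subject and SAN lines so the operator can confirm the request
  # carries the names that were entered.
  openssl req -text -noout -in "${filename}.csr" | grep -E "Subject:|DNS:" | sed -e 's/^\s*//'
  echo -ne "$txtrst"
else
  echo -e "${txtred}Failed to generate certificate${txtrst}"
  # Report the failure to the caller instead of exiting 0.
  exit 1
fi

# cleanup of the temp config is handled by the EXIT trap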