Created
November 12, 2008 16:48
-
-
Save agile/24203 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
# | |
# make a new self signed cert | |
# re: https://help.ubuntu.com/8.04/serverguide/C/certificates-and-security.html | |
# | |
SERVER=$1 | |
DAYS=3650 # 10 years | |
# uncomment to set a passphrase, which will be required when whatever's using the cert starts | |
# PASSPHRASE="-des3" | |
if [ -z "$1" ]; then | |
echo "$0 <servername>" | |
exit 1 | |
fi | |
openssl genrsa ${PASSPHRASE} -out ${SERVER}.key 1024 | |
openssl rsa -in ${SERVER}.key -out ${SERVER}.key.insecure | |
openssl req -new -key ${SERVER}.key -out ${SERVER}.csr | |
openssl x509 -req -days ${DAYS} -in ${SERVER}.csr -signkey ${SERVER}.key -out ${SERVER}.crt | |
sudo mv ${SERVER}.crt /etc/ssl/certs && sudo chown root:ssl-cert /etc/ssl/certs/${SERVER}.crt && sudo chmod 644 /etc/ssl/certs/${SERVER}.crt | |
sudo mv ${SERVER}.key /etc/ssl/private && sudo chown root:ssl-cert /etc/ssl/private/${SERVER}.key && sudo chmod 640 /etc/ssl/private/${SERVER}.key | |
sudo rm ${SERVER}.csr ${SERVER}.key.insecure | |
echo "New cert: /etc/ssl/certs/${SERVER}.crt" | |
echo "New key: /etc/ssl/private/${SERVER}.key" | |
echo "Will be valid for ${DAYS} days" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment