@ahmadmarafa
Created September 2, 2021 17:55
Add SSL to localhost domains. Run with: sudo ./ssllamp.sh
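#!/usr/bin/env bash
# Abort on the first failed command, unset variable or failed pipeline stage,
# so a failed openssl step never leaves a half-written vhost or hosts entry.
set -euo pipefail
# Build everything in a randomly named scratch directory first.
RAND=$(openssl rand -hex 12)
TEMP="/opt/lampp/temp/$RAND"
mkdir -p "$TEMP"
cd "$TEMP"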
#main domain
NAME="local.hub"
#list of sub domains
SUBS=(app api)
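# Accumulators: SAN entries for the certificate, ServerAlias lines for the
# vhost, and the single /etc/hosts line.
SUBSSTRING=""
ALIAS=""
HOST="127.0.0.1 $NAME"
for i in "${!SUBS[@]}"; do
    # DNS.1 is reserved for the main domain, so subdomains start at DNS.2.
    SUBSSTRING+="DNS.$((i+2)) = ${SUBS[$i]}.$NAME"
    SUBSSTRING+=$'\n'
    ALIAS+="ServerAlias ${SUBS[$i]}.$NAME"
    ALIAS+=$'\n'
    HOST+=" ${SUBS[$i]}.$NAME"
done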
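# Local CA: passphrase-protected key (openssl prompts for it) and a self-signed root.
# The CA's CN differs from the server's subject so verifiers do not treat the
# server certificate as self-signed.
openssl genrsa -des3 -out myCA.key 2048
openssl req -x509 -new -nodes -key myCA.key -sha256 -days 825 -out myCA.pem -subj "/C=EG/ST=Cairo/L=Cairo/O=$NAME/CN=$NAME Local CA"
# Server key (unencrypted so Apache can start unattended) and its CSR.
openssl genrsa -out "$NAME.key" 2048
chmod 600 myCA.key "$NAME.key"
openssl req -new -key "$NAME.key" -out "$NAME.csr" -subj "/C=EG/ST=Cairo/L=Cairo/O=$NAME/CN=$NAME"
[ -d "/opt/lampp/htdocs/$NAME/" ] || mkdir -p "/opt/lampp/htdocs/$NAME/"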
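# X.509v3 extensions for the server certificate; the SAN list is what clients match against.
>"$NAME.ext" cat <<-EOF
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names
[alt_names]
# Be sure to include the domain name here because Common Name is not so commonly honoured by itself
DNS.1 = $NAME
$SUBSSTRING
EOF
# Sign the CSR with the local CA, applying the extensions above.
openssl x509 -req -in "$NAME.csr" -CA myCA.pem -CAkey myCA.key -CAcreateserial -out "$NAME.crt" -days 825 -sha256 -extfile "$NAME.ext"
# Move the finished key material to its permanent location.
mkdir -p /opt/lampp/etc/certs
mv "$TEMP" "/opt/lampp/etc/certs/$NAME"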
# Append an HTTPS virtual host for the domain and its subdomains.
>>/opt/lampp/etc/extra/httpd-vhosts.conf cat <<-EOF
<VirtualHost *:443>
ServerAdmin webmaster@$NAME
DocumentRoot "/opt/lampp/htdocs/$NAME/"
ServerName $NAME
$ALIAS
ErrorLog "logs/$NAME-error_log"
CustomLog "logs/$NAME-access_log" common
SSLEngine on
SSLCertificateFile "/opt/lampp/etc/certs/$NAME/$NAME.crt"
SSLCertificateKeyFile "/opt/lampp/etc/certs/$NAME/$NAME.key"
</VirtualHost>
EOF
# Resolve the domain and its subdomains to loopback.
>>/etc/hosts cat <<-EOF
$HOST
EOF
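# Trust the local CA system-wide. The trust anchor is the CA certificate
# (myCA.pem), not the server certificate, and update-ca-certificates only
# picks up files ending in .crt. Anyone holding myCA.key and its passphrase
# can issue certificates this machine will trust, so keep that key private.
cp "/opt/lampp/etc/certs/$NAME/myCA.pem" "/usr/local/share/ca-certificates/$NAME-myCA.crt"
update-ca-certificates
echo "DONE; NOW ADD /opt/lampp/etc/certs/$NAME/myCA.pem to Google Chrome authorities"
/opt/lampp/lampp restart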