arukoh/generate-self-signed-ssl-certificate.rb

## generate-self-signed-ssl-certificate.rb
#!/usr/bin/env ruby
require "tmpdir"

COMMON_NAME = ARGV[0]
OUTDIR      = File.expand_path(ARGV[1] || '.')
if COMMON_NAME.nil? || !File.directory?(OUTDIR)
  puts "Usage: #{File.basename(__FILE__)} [COMMON_NAME] [OUTDIR]"
  exit 1
end

PRIVATE_KEY_NUMBITS = 2048
EXPIRATION_IN_DAYS  = 365

COUNTRY_NAME             = "US"
STATE_OR_PROVINCE_NAME   = "CA"
LOCALITY_NAME            = "San Francisco"
ORGANIZATION_NAME        = "Example Company"
ORGANIZATIONAL_UNIT_NAME = "Information Systems"

private_key_path     = File.join(OUTDIR, "private_key.pem")
csr_path             = File.join(OUTDIR, "csr.pem")
certificate_path     = File.join(OUTDIR, "certificate.pem")
certificate_der_path = File.join(OUTDIR, "certificate.der")

OPENSSL_CNF = <<__CNF__
#-------------openssl.cnf----------------
[ req ]
default_bits       = 1024 # Size of keys
default_keyfile    = key.pem # name of generated keys
default_md         = md5 # message digest algorithm
string_mask        = nombstr # permitted characters
distinguished_name = req_distinguished_name

[ req_distinguished_name ]
# Variable name   Prompt string
0.organizationName     = Organization Name (company)
organizationalUnitName = Organizational Unit Name (department, division)
emailAddress           = Email Address
emailAddress_max       = 40
localityName           = Locality Name (city, district)
stateOrProvinceName    = State or Province Name (full name)
countryName            = Country Name (2 letter code)
countryName_min        = 2
countryName_max        = 2
commonName             = Common Name (hostname, IP, or your name)
commonName_max         = 64

#-------------------Edit this section------------------------------
countryName_default            = #{COUNTRY_NAME}
stateOrProvinceName_default    = #{STATE_OR_PROVINCE_NAME}
localityName_default           = #{LOCALITY_NAME}
0.organizationName_default     = #{ORGANIZATION_NAME}
organizationalUnitName_default = #{ORGANIZATIONAL_UNIT_NAME}
commonName_default             = #{COMMON_NAME}
emailAddress_default           = admin@#{COMMON_NAME}
__CNF__

system("openssl genrsa -out #{private_key_path} #{PRIVATE_KEY_NUMBITS} 1>/dev/null 2>/dev/null")

Dir.mktmpdir do |dir|
  cnf_path = File.join(dir, "openssl.cnf")
  open(cnf_path, "w") {|f| f.puts(OPENSSL_CNF) }

  system("openssl req -new -nodes -key #{private_key_path} -out #{csr_path} -config #{cnf_path} -batch")
  system("openssl req -x509 -days #{EXPIRATION_IN_DAYS} -in #{csr_path} -key #{private_key_path} -out #{certificate_path}")
  system("openssl x509 -in #{certificate_path} -outform DER -out #{certificate_der_path}")
end
	#!/usr/bin/env ruby
	require "tmpdir"

	COMMON_NAME = ARGV[0]
	OUTDIR = File.expand_path(ARGV[1] \|\| '.')
	if COMMON_NAME.nil? \|\| !File.directory?(OUTDIR)
	puts "Usage: #{File.basename(__FILE__)} [COMMON_NAME] [OUTDIR]"
	exit 1
	end

	PRIVATE_KEY_NUMBITS = 2048
	EXPIRATION_IN_DAYS = 365

	COUNTRY_NAME = "US"
	STATE_OR_PROVINCE_NAME = "CA"
	LOCALITY_NAME = "San Francisco"
	ORGANIZATION_NAME = "Example Company"
	ORGANIZATIONAL_UNIT_NAME = "Information Systems"

	private_key_path = File.join(OUTDIR, "private_key.pem")
	csr_path = File.join(OUTDIR, "csr.pem")
	certificate_path = File.join(OUTDIR, "certificate.pem")
	certificate_der_path = File.join(OUTDIR, "certificate.der")

	OPENSSL_CNF = <<__CNF__
	#-------------openssl.cnf----------------
	[ req ]
	default_bits = 1024 # Size of keys
	default_keyfile = key.pem # name of generated keys
	default_md = md5 # message digest algorithm
	string_mask = nombstr # permitted characters
	distinguished_name = req_distinguished_name

	[ req_distinguished_name ]
	# Variable name Prompt string
	0.organizationName = Organization Name (company)
	organizationalUnitName = Organizational Unit Name (department, division)
	emailAddress = Email Address
	emailAddress_max = 40
	localityName = Locality Name (city, district)
	stateOrProvinceName = State or Province Name (full name)
	countryName = Country Name (2 letter code)
	countryName_min = 2
	countryName_max = 2
	commonName = Common Name (hostname, IP, or your name)
	commonName_max = 64

	#-------------------Edit this section------------------------------
	countryName_default = #{COUNTRY_NAME}
	stateOrProvinceName_default = #{STATE_OR_PROVINCE_NAME}
	localityName_default = #{LOCALITY_NAME}
	0.organizationName_default = #{ORGANIZATION_NAME}
	organizationalUnitName_default = #{ORGANIZATIONAL_UNIT_NAME}
	commonName_default = #{COMMON_NAME}
	emailAddress_default = admin@#{COMMON_NAME}
	__CNF__

	system("openssl genrsa -out #{private_key_path} #{PRIVATE_KEY_NUMBITS} 1>/dev/null 2>/dev/null")

	Dir.mktmpdir do \|dir\|
	cnf_path = File.join(dir, "openssl.cnf")
	open(cnf_path, "w") {\|f\| f.puts(OPENSSL_CNF) }

	system("openssl req -new -nodes -key #{private_key_path} -out #{csr_path} -config #{cnf_path} -batch")
	system("openssl req -x509 -days #{EXPIRATION_IN_DAYS} -in #{csr_path} -key #{private_key_path} -out #{certificate_path}")
	system("openssl x509 -in #{certificate_path} -outform DER -out #{certificate_der_path}")
	end