Created
April 26, 2024 18:36
LDAP MTLS Certificate Generation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
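#!/bin/sh
# Generate a throwaway CA plus one server and one client certificate for
# testing LDAP over mutual TLS (mTLS).
#
# Output (relative to the directory the script is started from; existing
# files are overwritten):
#   certs/ca/ca.key, certs/ca/ca.crt
#   certs/server/ca.crt, certs/server/ldap-server.key, certs/server/ldap-server.crt
#   certs/client/ca.crt, certs/client/ldap-client.key, certs/client/ldap-client.crt
#
# Intended for local/test setups: every private key is written unencrypted
# and all certificates expire after 365 days.

# Stop at the first failure. Without this, a failed mkdir/cd would let the
# following openssl commands write private keys into whatever directory the
# shell happens to be in.
set -eu

# Brace expansion ({ca,client,server}) is not POSIX. Under dash/ash it creates
# a single directory with that literal name and the cd below fails, so the
# directories are listed explicitly.
mkdir -p ./certs/ca ./certs/client ./certs/server

cd ./certs/ca
echo "Generate CA certificates"
# -nodes leaves ca.key unencrypted on disk. Anyone who can read it can issue
# certificates that every peer trusting ca.crt will accept.
openssl req -new -x509 -nodes -days 365 -subj '/CN=example.com' -keyout ca.key -out ca.crt
# Make the owner-only mode explicit instead of relying on the umask or on the
# openssl version's default for key output files.
chmod 600 ca.key

cd ../server
echo "Generate server certificates"
# Only the CA certificate is copied next to the leaf material; ca.key stays
# in certs/ca and is referenced by path when signing.
cp ../ca/ca.crt .
openssl genrsa -out ldap-server.key 2048
openssl req -new -key ldap-server.key -subj '/CN=localhost' -out ldap-server.csr
# Many current TLS libraries match the host name against subjectAltName only
# and ignore the subject CN, so a CN-only certificate fails verification even
# for "localhost". The SAN is supplied through a temporary extension file
# because "openssl x509 -req" adds no extensions unless -extfile is given.
printf 'subjectAltName=DNS:localhost\n' > ldap-server.ext
openssl x509 -req -in ldap-server.csr -CA ca.crt -CAkey ../ca/ca.key -CAcreateserial -days 365 -extfile ldap-server.ext -out ldap-server.crt
rm ldap-server.csr ldap-server.ext

cd ../client
echo "Generate client certificate"
cp ../ca/ca.crt .
openssl genrsa -out ldap-client.key 2048
openssl req -new -key ldap-client.key -subj '/CN=ldap-client' -out ldap-client.csr
openssl x509 -req -in ldap-client.csr -CA ca.crt -CAkey ../ca/ca.key -CAcreateserial -days 365 -out ldap-client.crt
rm ldap-client.csr

# ldap-server.key and ldap-client.key should be readable only by the account
# that runs the respective service; their mode is not changed here because
# that account is deployment specific.

# printf instead of echo "\nDone": whether echo expands "\n" differs between
# sh implementations.
printf '\nDone\n'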