Bash script to generate ssl key / cert

gencert.sh

#!/bin/sh

# default values
conf_file="$HOME/.gencert2"
key_file=key.pem
csr_file=csr.pem
cert_file=cert.pem
bits=1024

get_vars(){
  exec_path=$0
  exec_file=`basename $exec_path`
  if [ -n "$1" ] ; then
    conf_file=$1
  fi
  if [ -f "$conf_file" ] ; then
    . "$conf_file"
  else
    read -p "No config file found. Shall I create one for you? " resp

    case $resp in
      y*)
        create_conf
        echo "Config file created. Use $exec_file again to generate certificate."
        exit
        ;;
      *)
        exit
        ;;
    esac
  fi
}

create_conf(){
  default_fields=(
    countryName
    stateOrProvinceName
    localityName
    organizationName
    organizationalUnitName
    commonName
    emailAddress
  )

  cat > "$conf_file" <<CONF
gencert_fields=(${default_fields[@]})
CONF

  for i in ${default_fields[@]} ;do
    read -p "$i=" value
    cat >> "$conf_file" <<CONF
$i="$value"
CONF
  done
}

gen_tmp(){
  tmp=`mktemp`

  cat > $tmp <<CONF
[ req ]
distinguished_name  = req_distinguished_name
prompt = no

[ req_distinguished_name ]

CONF

  for i in ${gencert_fields[@]} ;do
    echo $i
    eval default=\$$i
    
    if [ -z "$default" ]; then
      read -p "$i=" default
    fi

    cat >> $tmp <<CONF
$i = $default
CONF

  done
}

generate(){
  openssl genrsa -out $key_file $bits
  openssl req -new -key $key_file -out $csr_file -config $tmp
  openssl x509 -req -in $csr_file -signkey $key_file -out $cert_file
}

main(){
  get_vars $@
  gen_tmp
  generate
}

main $@