A fake LetsEncrypt simulator for use in testing inside isolated environments. Creates self-signed certs instead of real ones.
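#!/bin/bash
################################################################################
# Simulates the certificate files that LetsEncrypt creates, creating self signed
# ones instead. Intended for isolated test environments only.
# Ignores all arguments except the last one, which is assumed to be your FQDN.
#
# Writes under /etc/letsencrypt/{archive,live}/<FQDN>/, so it needs write access
# there (normally root).
#
# NOTE: the generated certificate carries only a CN and no subjectAltName.
# Clients that match hostnames against SAN only will report a name mismatch
# even when the certificate itself has been added as trusted.
################################################################################

# Options are set here rather than on the shebang line so they still apply when
# the script is started as `bash script.sh`.
set -ue

if [ $# -lt 1 ]; then
  >&2 echo "I need at least a FQDN to do anything."
  exit 1
fi

# The last positional argument is the FQDN; everything before it is ignored.
FQDN="${!#}"

# The FQDN is spliced into filesystem paths under /etc and into the openssl
# -subj string. Accept only dot-separated hostname labels so a value containing
# "/", "..", whitespace or a leading "-" cannot redirect the writes outside
# /etc/letsencrypt or add extra fields to the certificate subject.
HOSTNAME_RE='^[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?(\.[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?)*$'
if [[ ! "$FQDN" =~ $HOSTNAME_RE ]]; then
  >&2 echo "Refusing to use '$FQDN': not a plain hostname."
  exit 1
fi
echo "FQDN: $FQDN"

ARCHIVE_DIR="/etc/letsencrypt/archive/${FQDN}"
LIVE_DIR="/etc/letsencrypt/live/${FQDN}"

# Make the dirs we need.
mkdir -pv -- "$ARCHIVE_DIR" "$LIVE_DIR"

# Create a cert + key, and put files in place.
# -nodes leaves the private key unencrypted on disk, so its file mode is the
# only thing protecting it.
SELF_KEY="${ARCHIVE_DIR}/privkey.pem"
SELF_CERT="${ARCHIVE_DIR}/cert.pem"
( set -x && openssl req -x509 -nodes -days 60 -newkey rsa:2048 -keyout "$SELF_KEY" -out "$SELF_CERT" -subj "/C=CA/ST=British Columbia/L=Kelowna/O=Snake Oil Inc/OU=IT Department/CN=${FQDN}" )

# Do not rely on the openssl build or the caller's umask for the key's mode.
chmod 600 -- "$SELF_KEY"

# A self signed cert is its own issuer, so chain and fullchain are plain copies.
cp -v -- "$SELF_CERT" "${ARCHIVE_DIR}/chain.pem"
cp -v -- "$SELF_CERT" "${ARCHIVE_DIR}/fullchain.pem"

# Create links for the "Live" versions.
# -f replaces links left by an earlier run; without it a second run for the same
# FQDN stops here under `set -e`, after the key and cert were already rewritten.
for WHAT in cert chain fullchain privkey; do
  LINK="${LIVE_DIR}/${WHAT}.pem"
  REAL="${ARCHIVE_DIR}/${WHAT}.pem"
  ln -sfv -- "$REAL" "$LINK"
done

echo "OK"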