Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
startssl + nginx
APP=nginx
HOST=ars
CLASS=2
#echo "make key: $APP.$HOST.encrypted.key"
#openssl genrsa -des3 -out $APP.$HOST.encrypted.key 2048
echo "make CSR: $APP.$HOST.csr"
openssl req -new -key $APP.$HOST.encrypted.key -out $APP.$HOST.csr
echo "make decrypted key: $APP.$HOST.key.pem"
openssl rsa -in $APP.$HOST.encrypted.key -out $APP.$HOST.key
sudo chmod 400 $APP.$HOST.key
sudo chown root:root $APP.$HOST.key
echo "now go to http://startssl.com and log in"
echo ""Control Panel" > "Certificates Wizard" > "Web Server SSL/TLS Certificate""
echo "Skip Key Generation ..."
echo "And paste the following CSR: \n"
cat $APP.$HOST.csr
echo "When you get back the CERT, paste it in the following file:"
echo "startssl.$APP.$HOST.cert.pem"
APP=nginx
HOST=ars
CLASS=2
echo "downloading startSSL's ca.pem ..."
curl http://www.startssl.com/certs/ca.pem > startssl.ca.pem
echo "downloading startSSL's sub.class$CLASS.server.ca.pem ..."
curl http://www.startssl.com/certs/sub.class$CLASS.server.ca.pem > startssl.class$CLASS.ca.pem
echo "making combined cert $APP.$HOST.pem ..."
if [ -f startssl.$APP.$HOST.cert.pem ]; then
cat startssl.$APP.$HOST.cert.pem startssl.ca.pem startssl.class$CLASS.ca.pem > $APP.$HOST.pem
else
echo "No CERT "startssl.$APP.$HOST.cert.pem" found!"
exit 1
fi
echo "Finished making SSL stuff"
echo "Now edit your config:"
echo " \
server { \n\
listen 443; \n\
ssl on; \n\
ssl_certificate /etc/nginx/ssl/$APP.$HOST.pem; \n\
ssl_certificate_key /etc/nginx/ssl/$APP.$HOST.key; \n\
... \n\
}"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.