create x509 self-signed certificates

makecrt.sh

#!/bin/bash
set -ex
# ref: https://help.github.com/articles/adding-an-existing-project-to-github-using-the-command-line/
#
# Usage example: /bin/sh ./git_push.sh wing328 swagger-petstore-perl "minor update"

current_dir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
cn=$1
out_dir=$2
key_file=$cn.key.pem
cert_file=$cn.cert.pem
csr_file=$cn.csr.pen
mkdir -p $out_dir
echo requsting certificate with cn=$cn key file=$key_file certificate file to output dir=$out_dir

echo    creating private key $key_file
openssl genrsa -out $current_dir/intermediate/private/$key_file 2048
chmod 400 $current_dir/intermediate/private/$key_file

openssl req -config intermediate/openssl.cnf \
    -key $current_dir/intermediate/private/$key_file \
    -new -sha256 -out intermediate/csr/$csr_file \
    -subj "/C=GB/ST=England/L=London/O=Acme Limited/OU=Acme Web Services/CN=$cn"

openssl ca -config intermediate/openssl.cnf \
    -extensions server_cert -days 3750 -notext -md sha256 \
    -in intermediate/csr/$csr_file \
    -out intermediate/certs/$cert_file

chmod 444 intermediate/certs/$cert_file
cp intermediate/private/$key_file $out_dir
cp intermediate/certs/$cert_file $out_dir