Skip to content

Instantly share code, notes, and snippets.

@fapestniegd
Created October 25, 2011 16:44
Show Gist options
  • Save fapestniegd/1313395 to your computer and use it in GitHub Desktop.
Save fapestniegd/1313395 to your computer and use it in GitHub Desktop.
#!/bin/bash
TARGET_HOST='hoenir.websages.com'
TMP=$(mktemp -d /tmp/sslcert.XXXX)
cat<<EOF > ${TMP}/openssl.cnf
[ req ]
distinguished_name = req_distinguished_name
req_extensions = v3_req
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = US
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = Tennessee
localityName = Locality Name (eg, city)
localityName_default = Nashville
0.organizationName = Organization Name (eg, company)
0.organizationName_default = OG Consulting
organizationalUnitName = Organizational Unit Name (eg, section)
organizationalUnitName_default = Operations
commonName = Common Name (eg, YOUR name)
commonName_default = ${TARGET_HOST}
emailAddress = Email Address
emailAddress_default = root@${TARGET_HOST}
[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
# Additional things you might add to v3_req:
subjectAltName=DNS:irclogs.ogtastic.com,DNS:yermom.ogtastic.com
EOF
/usr/bin/openssl genrsa -out ${TMP}/${TARGET_HOST}.key 2048
/usr/bin/openssl req -new -sha1 -days 365 \
-key ${TMP}/${TARGET_HOST}.key \
-out ${TMP}/${TARGET_HOST}.csr \
-config ${TMP}/openssl.cnf -batch
cat ${TMP}/${TARGET_HOST}.csr
openssl x509 -req -days 365 -in ${TMP}/${TARGET_HOST}.csr \
-signkey ${TMP}/${TARGET_HOST}.key \
-out ${TMP}/${TARGET_HOST}.crt
echo
echo
echo
openssl x509 -text -noout -in ${TMP}/${TARGET_HOST}.crt
echo "Created in ${TMP}:"
ls -l "${TMP}"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment