Last active
May 17, 2020 08:32
-
-
Save gistlyn/4b321ee5258d5c7d8c634610aabb5af1 to your computer and use it in GitHub Desktop.
gen-https.sh bash & WSL scripts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| #Usage: bash gen-dev.https.sh <password>? | |
| PASSWORD=grpc | |
| if [ $# -ge 1 ] | |
| then | |
| PASSWORD=$1 | |
| fi | |
| cat <<EOT >>dev.config | |
| [ req ] | |
| default_bits = 2048 | |
| default_md = sha256 | |
| default_keyfile = dev.key | |
| prompt = no | |
| encrypt_key = no | |
| distinguished_name = dn | |
| req_extensions = v3_req | |
| x509_extensions = x509_req | |
| string_mask = utf8only | |
| [ dn ] | |
| commonName = localhost dev cert | |
| emailAddress = test@localtest.me | |
| countryName = US | |
| stateOrProvinceName = DE | |
| localityName = Wilmington | |
| organizationName = My App | |
| [ x509_req ] | |
| subjectKeyIdentifier = hash | |
| authorityKeyIdentifier = keyid,issuer | |
| basicConstraints = critical, CA:false | |
| keyUsage = critical, keyEncipherment | |
| subjectAltName = @alt_names | |
| # extendedKeyUsage = serverAuth, clientAuth | |
| nsComment = "OpenSSL Generated Certificate" | |
| [ v3_req ] | |
| subjectKeyIdentifier = hash | |
| basicConstraints = critical, CA:false | |
| subjectAltName = @alt_names | |
| # extendedKeyUsage = serverAuth, clientAuth | |
| nsComment = "OpenSSL Generated Certificate" | |
| [ alt_names ] | |
| DNS.1 = localhost | |
| EOT | |
| openssl req -config dev.config -new -out dev.csr.pem | |
| openssl x509 -req -days 365 -extfile dev.config -extensions v3_req -in dev.csr.pem -signkey dev.key -out dev.crt | |
| openssl pkcs12 -export -out dev.pfx -inkey dev.key -in dev.crt -password pass:$PASSWORD | |
| rm dev.config dev.csr.pem | |
| #cp dev.pfx .. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| #Usage: bash gen-prod.https.sh <domain>? <password>? | |
| DOMAIN=myapp.domain.org | |
| if [ $# -ge 1 ] | |
| then | |
| DOMAIN=$1 | |
| fi | |
| PASSWORD=grpc | |
| if [ $# -ge 2 ] | |
| then | |
| PASSWORD=$2 | |
| fi | |
| cat <<EOT >>prod.config | |
| [ req ] | |
| default_bits = 2048 | |
| default_md = sha256 | |
| default_keyfile = prod.key | |
| prompt = no | |
| encrypt_key = no | |
| distinguished_name = dn | |
| req_extensions = v3_req | |
| x509_extensions = x509_req | |
| string_mask = utf8only | |
| [ dn ] | |
| commonName = MyApp prod cert | |
| emailAddress = myapp@domain.org | |
| countryName = US | |
| stateOrProvinceName = DE | |
| localityName = Wilmington | |
| organizationName = My App | |
| [ x509_req ] | |
| subjectKeyIdentifier = hash | |
| authorityKeyIdentifier = keyid,issuer | |
| basicConstraints = critical, CA:false | |
| keyUsage = critical, keyEncipherment | |
| subjectAltName = @alt_names | |
| # extendedKeyUsage = serverAuth, clientAuth | |
| nsComment = "OpenSSL Generated Certificate" | |
| [ v3_req ] | |
| subjectKeyIdentifier = hash | |
| basicConstraints = critical, CA:false | |
| subjectAltName = @alt_names | |
| # extendedKeyUsage = serverAuth, clientAuth | |
| nsComment = "OpenSSL Generated Certificate" | |
| [ alt_names ] | |
| DNS.1 = $DOMAIN | |
| EOT | |
| openssl req -config prod.config -new -out prod.csr.pem | |
| openssl x509 -req -days 365 -extfile prod.config -extensions v3_req -in prod.csr.pem -signkey prod.key -out prod.crt | |
| openssl pkcs12 -export -out prod.pfx -inkey prod.key -in prod.crt -password pass:$PASSWORD | |
| rm prod.config prod.csr.pem | |
| # cp prod.pfx ../ | |
| # cp prod.crt ../wwwroot/grpc.crt |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment