Skip to content

Instantly share code, notes, and snippets.

@gm3dmo
Created December 3, 2013 14:30
Show Gist options
  • Save gm3dmo/7770062 to your computer and use it in GitHub Desktop.
Save gm3dmo/7770062 to your computer and use it in GitHub Desktop.
Very basic shell script to generate a certificate signing request (CSR) for an SSL Certificate.
# usage:
# request_openssl dev|www
host=$1
domain='<somedomain.com>'
cert_csr_file=${host}.cert.csr
key_file=${host}.key.pem
cert_pem_file=${host}.cert.pem
key_length=4096
cert_type=rsa
O='Some Org'
C='GB'
ST='Some County'
L='Some Location'
days_valid=730
openssl req \
-new -newkey ${cert_type}:${key_length} -nodes \
-subj "/CN=${host}.${domain}/O=${O}/C=${C}/ST=${ST}/L=${L}" \
-keyout ${key_file} \
-out ${cert_csr_file}
echo "****************** CSR Listing *********************************"
echo
openssl req -in ${cert_csr_file} -text
echo
echo "****************************************************************"
echo
echo
echo "Now send ${cert_csr_file} to a chosen certificate authority."
echo
echo "You will need ${key_file} and the cert.pem file returned"
echo "by your CA."
echo
echo "****************************************************************"
# Only use this if you want to self sign:
#openssl x509 -req -days ${days_valid} -in ${cert_csr} -signkey ${key_file} -out ${cert_pem}
#rm /etc/ssl/certs/cert.csr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment