This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
# For multi domain, add reqexts option when generate cer | |
# --reqexts SAN -config <(cat /etc/ssl/openssl.cnf <(printf "[SAN]\nsubjectAltName=DNS:example.com,DNS:www.example.com")) | |
# For wildcard domain, using '*' at first | |
# -subj "/C=AU/ST=NSW/L=Sydney/O=MongoDB/OU=root/CN=*.example.com/emailAddress=kevinadi@mongodb.com" | |
# Generate self signed root CA cert | |
openssl req -nodes -x509 -newkey rsa:2048 -keyout ca.key -out ca.crt -subj "/C=AU/ST=NSW/L=Sydney/O=MongoDB/OU=root/CN=`hostname -f`/emailAddress=kevinadi@mongodb.com" -days 365 |