imesh/generate-cert.sh

## generate-cert.sh
#!/bin/bash

client_domain="$1"

mkdir -p ${client_domain}
pushd ${client_domain}
echo "Generating CA key and cert..."
openssl genrsa -out rootCA.key 2048
openssl req -x509 -new -key rootCA.key -days 3650 -out rootCA.pem \
-subj "/C=AA/ST=AA/L=AA/O=AA Ltd/OU=AA/CN=ca.${client_domain}/emailAddress=abc@ca.${client_domain}"

echo "Generating client key and csr..."
openssl genrsa -out ${client_domain}.key 2048
openssl req -new -key ${client_domain}.key -out ${client_domain}.csr \
-subj "/C=BB/ST=BB/L=BB/O=BB Ltd/OU=BB/CN=${client_domain}/emailAddress=abc@${client_domain}"

echo "Generating client cert signed with CA cert..."

openssl x509 -req -days 365 -CA rootCA.pem -CAkey rootCA.key \
-CAcreateserial -CAserial serial -in ${client_domain}.csr -out ${client_domain}.pem

echo "Generating PFX..."
openssl pkcs12 -export -out ${client_domain}.pfx -inkey ${client_domain}.key -in ${client_domain}.pem
echo "DONE!"
popd
	#!/bin/bash

	client_domain="$1"

	mkdir -p ${client_domain}
	pushd ${client_domain}
	echo "Generating CA key and cert..."
	openssl genrsa -out rootCA.key 2048
	openssl req -x509 -new -key rootCA.key -days 3650 -out rootCA.pem \
	-subj "/C=AA/ST=AA/L=AA/O=AA Ltd/OU=AA/CN=ca.${client_domain}/emailAddress=abc@ca.${client_domain}"

	echo "Generating client key and csr..."
	openssl genrsa -out ${client_domain}.key 2048
	openssl req -new -key ${client_domain}.key -out ${client_domain}.csr \
	-subj "/C=BB/ST=BB/L=BB/O=BB Ltd/OU=BB/CN=${client_domain}/emailAddress=abc@${client_domain}"

	echo "Generating client cert signed with CA cert..."

	openssl x509 -req -days 365 -CA rootCA.pem -CAkey rootCA.key \
	-CAcreateserial -CAserial serial -in ${client_domain}.csr -out ${client_domain}.pem

	echo "Generating PFX..."
	openssl pkcs12 -export -out ${client_domain}.pfx -inkey ${client_domain}.key -in ${client_domain}.pem
	echo "DONE!"
	popd