Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
#!/bin/bash
client_domain="$1"
mkdir -p ${client_domain}
pushd ${client_domain}
echo "Generating CA key and cert..."
openssl genrsa -out rootCA.key 2048
openssl req -x509 -new -key rootCA.key -days 3650 -out rootCA.pem \
-subj "/C=AA/ST=AA/L=AA/O=AA Ltd/OU=AA/CN=ca.${client_domain}/emailAddress=abc@ca.${client_domain}"
echo "Generating client key and csr..."
openssl genrsa -out ${client_domain}.key 2048
openssl req -new -key ${client_domain}.key -out ${client_domain}.csr \
-subj "/C=BB/ST=BB/L=BB/O=BB Ltd/OU=BB/CN=${client_domain}/emailAddress=abc@${client_domain}"
echo "Generating client cert signed with CA cert..."
openssl x509 -req -days 365 -CA rootCA.pem -CAkey rootCA.key \
-CAcreateserial -CAserial serial -in ${client_domain}.csr -out ${client_domain}.pem
echo "Generating PFX..."
openssl pkcs12 -export -out ${client_domain}.pfx -inkey ${client_domain}.key -in ${client_domain}.pem
echo "DONE!"
popd
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment