jerza90/renew.sh

## renew.sh
#!/bin/sh
CRTPATH=$(pwd -W)
for i in *.key ; do
    DOMAIN=${i%.key}
    cat << EOF > openssl_$DOMAIN.conf
[req]
distinguished_name = req_distinguished_name
req_extensions = v3_req
prompt = no
[req_distinguished_name]
C = US
ST = VA
L = SomeCity
O = MyCompany
OU = MyDivision
CN = $DOMAIN
[v3_req]
keyUsage = keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names
[alt_names]
DNS.1 = www.$DOMAIN
DNS.2 = $DOMAIN
EOF
    openssl req -new -nodes -keyout $DOMAIN.key -out $DOMAIN.csr -config openssl_$DOMAIN.conf -batch
    openssl x509 -req -extfile openssl_$DOMAIN.conf -days 365 -in $DOMAIN.csr -signkey $DOMAIN.key -out $DOMAIN.crt -extensions v3_req
    openssl x509 -text -noout -in $DOMAIN.crt
    certutil -delstore "Root" "$DOMAIN"
    certutil -f -addstore "Root" "$CRTPATH/$DOMAIN.crt"
done
rm -f *.csr *.conf *.confe *.acc.crt *.acc.key
	#!/bin/sh
	CRTPATH=$(pwd -W)
	for i in *.key ; do
	DOMAIN=${i%.key}
	cat << EOF > openssl_$DOMAIN.conf
	[req]
	distinguished_name = req_distinguished_name
	req_extensions = v3_req
	prompt = no
	[req_distinguished_name]
	C = US
	ST = VA
	L = SomeCity
	O = MyCompany
	OU = MyDivision
	CN = $DOMAIN
	[v3_req]
	keyUsage = keyEncipherment, dataEncipherment
	extendedKeyUsage = serverAuth
	subjectAltName = @alt_names
	[alt_names]
	DNS.1 = www.$DOMAIN
	DNS.2 = $DOMAIN
	EOF
	openssl req -new -nodes -keyout $DOMAIN.key -out $DOMAIN.csr -config openssl_$DOMAIN.conf -batch
	openssl x509 -req -extfile openssl_$DOMAIN.conf -days 365 -in $DOMAIN.csr -signkey $DOMAIN.key -out $DOMAIN.crt -extensions v3_req
	openssl x509 -text -noout -in $DOMAIN.crt
	certutil -delstore "Root" "$DOMAIN"
	certutil -f -addstore "Root" "$CRTPATH/$DOMAIN.crt"
	done
	rm -f .csr .conf .confe .acc.crt *.acc.key