Attention: this is the key used to sign the certificate requests, anyone holding this can sign certificates on your behalf. So keep it in a safe place!
openssl genrsa -des3 -out rootCA.key 4096
#!/usr/bin/env bash | |
# The id of the certificate to install. | |
CERT_ID="$1" | |
# The packages whose certificate to replace. | |
CERT_PKGS="${@:2}" | |
# The directory that holds to certificate to import. | |
CERT_IMPORT_DIR="/tmp/certificate/$CERT_ID" |
#!/bin/sh | |
# Generate self signed root CA cert | |
openssl req -nodes -x509 -newkey rsa:2048 -keyout ca.key -out ca.crt -subj "/C=AU/ST=NSW/L=Sydney/O=MongoDB/OU=root/CN=`hostname -f`/emailAddress=kevinadi@mongodb.com" | |
# Generate server cert to be signed | |
openssl req -nodes -newkey rsa:2048 -keyout server.key -out server.csr -subj "/C=AU/ST=NSW/L=Sydney/O=MongoDB/OU=server/CN=`hostname -f`/emailAddress=kevinadi@mongodb.com" | |
# Sign the server cert |
#!/bin/bash | |
# CHANGE THESE | |
auth_email="user@example.com" | |
auth_key="c2547eb745079dac9320b638f5e225cf483cc5cfdda41" # found in cloudflare account settings | |
zone_name="example.com" | |
record_name="www.example.com" | |
# MAYBE CHANGE THESE | |
ip=$(curl -s http://ipv4.icanhazip.com) |