kernelkaribou

## synology-import-ssl.sh
#!/usr/bin/env bash

# The id of the certificate to install.
CERT_ID="$1"

# The packages whose certificate to replace.
CERT_PKGS="${@:2}"

# The directory that holds to certificate to import.
CERT_IMPORT_DIR="/tmp/certificate/$CERT_ID"

## mongodb-ssl.sh
#!/bin/sh

# Generate self signed root CA cert
openssl req -nodes -x509 -newkey rsa:2048 -keyout ca.key -out ca.crt -subj "/C=AU/ST=NSW/L=Sydney/O=MongoDB/OU=root/CN=`hostname -f`/emailAddress=kevinadi@mongodb.com"


# Generate server cert to be signed
openssl req -nodes -newkey rsa:2048 -keyout server.key -out server.csr -subj "/C=AU/ST=NSW/L=Sydney/O=MongoDB/OU=server/CN=`hostname -f`/emailAddress=kevinadi@mongodb.com"

# Sign the server cert

## self-signed-certificate-with-custom-ca.md

      
              1 file
            
          
              424 forks
            
          
              49 comments
            
          
              1360 stars
            
          
                fntlnz
                / self-signed-certificate-with-custom-ca.md
            
            
              Last active
              June 25, 2024 12:19
            
              
                Self Signed Certificate with Custom Root CA
              
          
    Create Root CA (Done once)

Create Root Key

Attention: this is the key used to sign the certificate requests, anyone holding this can sign certificates on your behalf. So keep it in a safe place!
openssl genrsa -des3 -out rootCA.key 4096

  
## cloudflare-update-record.sh
#!/bin/bash

# CHANGE THESE
auth_email="user@example.com"
auth_key="c2547eb745079dac9320b638f5e225cf483cc5cfdda41" # found in cloudflare account settings
zone_name="example.com"
record_name="www.example.com"

# MAYBE CHANGE THESE
ip=$(curl -s http://ipv4.icanhazip.com)

## ca.md

      
              1 file
            
          
              308 forks
            
          
              76 comments
            
          
              1114 stars
            
          
                soarez
                / ca.md
            
            
              Last active
              June 19, 2024 19:32
            
              
                How to setup your own CA with OpenSSL
              
          
    How to setup your own CA with OpenSSL

For educational reasons I've decided to create my own CA.
Here is what I learned.
First things first

Lets get some context first.
	#!/usr/bin/env bash

	# The id of the certificate to install.
	CERT_ID="$1"

	# The packages whose certificate to replace.
	CERT_PKGS="${@:2}"

	# The directory that holds to certificate to import.
	CERT_IMPORT_DIR="/tmp/certificate/$CERT_ID"
	#!/bin/sh

	# Generate self signed root CA cert
	openssl req -nodes -x509 -newkey rsa:2048 -keyout ca.key -out ca.crt -subj "/C=AU/ST=NSW/L=Sydney/O=MongoDB/OU=root/CN=`hostname -f`/emailAddress=kevinadi@mongodb.com"


	# Generate server cert to be signed
	openssl req -nodes -newkey rsa:2048 -keyout server.key -out server.csr -subj "/C=AU/ST=NSW/L=Sydney/O=MongoDB/OU=server/CN=`hostname -f`/emailAddress=kevinadi@mongodb.com"

	# Sign the server cert
	#!/bin/bash

	# CHANGE THESE
	auth_email="user@example.com"
	auth_key="c2547eb745079dac9320b638f5e225cf483cc5cfdda41" # found in cloudflare account settings
	zone_name="example.com"
	record_name="www.example.com"

	# MAYBE CHANGE THESE
	ip=$(curl -s http://ipv4.icanhazip.com)