Last active
December 8, 2020 15:57
-
-
Save kiwixz/d3f7dde83cb5fe16befeafe87cc12e81 to your computer and use it in GitHub Desktop.
Generate OpenSSL PKI
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh -e | |
echo " > Generating CA key..." | |
openssl genpkey -algorithm ed25519 > "ca.key" | |
echo " > Generating CA certificate..." | |
openssl req -days 3650 -new -x509 -key "ca.key" -out "ca.pem" -subj "/CN=ca" | |
echo " > Generating server key..." | |
openssl genpkey -algorithm ed25519 > "server.key" | |
echo " > Generating server certificate request..." | |
openssl req -new -key "server.key" -out "server.csr" -subj "/CN=server" -addext "subjectAltName=DNS:server" | |
echo " > Signing server certificate request..." | |
openssl x509 -req -days 3650 -in "server.csr" -CA "ca.pem" -CAcreateserial -CAkey "ca.key" -out "server.pem" -extfile <(echo "subjectAltName=DNS:server") |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment