Created
May 13, 2020 08:30
-
-
Save mrvanes/04930934d642d7417e31adbd34304db3 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
DOMAIN=$1 | |
if [ "$DOMAIN" = "" ]; then | |
echo "Please supply domain" | |
exit | |
fi | |
CONFFILE=/tmp/${DOMAIN}-$$.cnf | |
C=NL | |
O=${DOMAIN} | |
CN=${DOMAIN} | |
#ST="ST" | |
#OU="OU" | |
EMAIL="info@${DOMAIN}" | |
YEARS=10 | |
# Create configuration | |
DAYS=$(( $YEARS * 365)) | |
echo "Generating CONF file" | |
cat <<@eof >$CONFFILE | |
extensions = extend | |
[req] # openssl req params | |
prompt = no | |
distinguished_name = dn-param | |
[dn-param] # DN fields | |
C = $C | |
O = $O | |
CN = $CN | |
emailAddress = $EMAIL | |
[extend] # openssl extensions | |
subjectAltName=DNS:${DOMAIN},DNS:*.${DOMAIN} | |
@eof | |
# Generate SelfSigned cert | |
echo "Generating key" | |
openssl genrsa -out ${DOMAIN}.key 2048 | |
echo "Generating csr" | |
openssl req -new -key ${DOMAIN}.key -config $CONFFILE -out ${DOMAIN}.csr | |
echo "Generating crt" | |
openssl x509 -req -sha256 -days $DAYS -in ${DOMAIN}.csr -signkey ${DOMAIN}.key -text -extfile $CONFFILE -out ${DOMAIN}.crt | |
rm $CONFFILE | |
echo "Show crt" | |
openssl x509 -in ${DOMAIN}.crt -noout -text -certopt no_sigdump,no_pubkey | |
echo "Verify crt" | |
openssl verify -check_ss_sig -CAfile ${DOMAIN}.crt ${DOMAIN}.crt | |
echo "Create pfx using pwd welkom" | |
openssl pkcs12 -export -passout pass:welkom -in ${DOMAIN}.crt -inkey ${DOMAIN}.key -out ${DOMAIN}.pfx |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment