Created
July 1, 2011 01:31
-
-
Save phil-monroe/1057689 to your computer and use it in GitHub Desktop.
This shell script facilitates the creation of a signed SSL certificate. The SSL certificate is signed using a Certificate Authority(CA) that is generated.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Basic Config | |
certs_dir='certs' | |
num_bits=2048 | |
serial_num=01 | |
ca_name='ca' | |
server_name='server' | |
echo '%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%' | |
echo '%% Creating Directory to hold Certs %%' | |
echo '%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%' | |
mkdir $certs_dir | |
cd $certs_dir | |
echo | |
echo '%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%' | |
echo '%% Creating Certificate Authority %%' | |
echo '%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%' | |
# Create CA Key | |
openssl genrsa -des3 -out $ca_name.key $num_bits | |
# Create CA Cert | |
openssl req -new -x509 -days 365 -key $ca_name.key -out $ca_name.pem | |
echo | |
echo '%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%' | |
echo '%% Creating server key and request for signing %%' | |
echo '%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%' | |
openssl genrsa -des3 -out $server_name.key $num_bits | |
openssl req -new -key $server_name.key -out $server_name.csr | |
echo | |
echo '%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%' | |
echo '%% Sign the certificate signing request %%' | |
echo '%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%' | |
openssl x509 -req -days 365 -in $server_name.csr -CA $ca_name.pem -CAkey $ca_name.key -set_serial $serial_num -out $server_name.crt | |
echo | |
echo '%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%' | |
echo '%% Strip Password from server key %%' | |
echo '%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%' | |
openssl rsa -in $server_name.key -out $server_name.key.insecure | |
mv $server_name.key $server_name.key.secure | |
cp $server_name.key.insecure $server_name.key | |
echo |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment