praseodym/csr.sh

## csr.sh
#!/bin/bash
# csr.sh: Certificate Signing Request Generator

set -e

if [ $# -lt 1 ]; then
    echo "Usage: $0 hostname [alt.hostname1] [alt.hostname2]"
    exit 1
fi

LASTUMASK=`umask`
umask 077

HOST=$1
SAN="DNS:${HOST}"
shift

while [ -n "$1" ]; do
    SAN="${SAN},DNS:$1"
    shift
done

openssl req -new -newkey rsa:2048 -keyout ${HOST}.key -sha512 -nodes -batch -reqexts SAN \
  -subj "/C=NL/ST=Zuid-Holland/L=Delft/O=W.I.S.V. \'Christiaan Huygens\'/OU=Beheer/CN=${HOST}/emailAddress=beheer@ch.tudelft.nl" \
  -config /dev/stdin > ${HOST}.csr <<EOF
$(cat "$(openssl version -d | cut -d\" -f2)/openssl.cnf")

[SAN]
subjectAltName=$SAN
EOF

umask $LASTUMASK

set -x
openssl req -text -noout -verify -in ${HOST}.csr
cat ${HOST}.csr
	#!/bin/bash
	# csr.sh: Certificate Signing Request Generator

	set -e

	if [ $# -lt 1 ]; then
	echo "Usage: $0 hostname [alt.hostname1] [alt.hostname2]"
	exit 1
	fi

	LASTUMASK=`umask`
	umask 077

	HOST=$1
	SAN="DNS:${HOST}"
	shift

	while [ -n "$1" ]; do
	SAN="${SAN},DNS:$1"
	shift
	done

	openssl req -new -newkey rsa:2048 -keyout ${HOST}.key -sha512 -nodes -batch -reqexts SAN \
	-subj "/C=NL/ST=Zuid-Holland/L=Delft/O=W.I.S.V. \'Christiaan Huygens\'/OU=Beheer/CN=${HOST}/emailAddress=beheer@ch.tudelft.nl" \
	-config /dev/stdin > ${HOST}.csr <<EOF
	$(cat "$(openssl version -d \| cut -d\" -f2)/openssl.cnf")

	[SAN]
	subjectAltName=$SAN
	EOF

	umask $LASTUMASK

	set -x
	openssl req -text -noout -verify -in ${HOST}.csr
	cat ${HOST}.csr