Skip to content

Instantly share code, notes, and snippets.

@ptheofan
Last active July 20, 2019 19:50
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save ptheofan/364c64202963017dd3b8fa860df136ce to your computer and use it in GitHub Desktop.
Save ptheofan/364c64202963017dd3b8fa860df136ce to your computer and use it in GitHub Desktop.
Create SSL nginx certs
#!/bin/bash
#
# Author: Paris Theofanidis
# Purpose: All the steps to create an SSL certificate
#
if [ -z "$1" ]
then
echo "Provide the name of the certificate to be generated.";
echo "To generate a certificate for "
echo " mydomain.test"
echo " *.mydomain.test"
echo ""
echo "use the following syntax: ./create.sh mydomain.test"
echo "";
exit;
fi
echo "
[ req ]
default_bits = 2048
default_keyfile = $1.pem
distinguished_name = subject
req_extensions = req_ext
x509_extensions = x509_ext
string_mask = utf8only
[ subject ]
countryName = Country Name (2 letter code)
countryName_default = DE
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = BE
localityName = Locality Name (eg, city)
localityName_default = Berlin
organizationName = Organization Name (eg, company)
organizationName_default = Dev Cert Auth LLC
commonName = Common Name (e.g. server FQDN or YOUR name)
commonName_default = Dev Cert Auth
emailAddress = Email Address
emailAddress_default = dev@example.com
[ x509_ext ]
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer
basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment
subjectAltName = @alternate_names
nsComment = "OpenSSL Generated Certificate"
[ req_ext ]
subjectKeyIdentifier = hash
basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment
subjectAltName = @alternate_names
nsComment = "OpenSSL Generated Certificate"
[ alternate_names ]
DNS.1 = $1
DNS.2 = *.$1
" > create.tmp.conf
openssl req -config create.tmp.conf -new -sha256 -newkey rsa:2048 \
-nodes -keyout $1.key -x509 -days 3650 \
-out $1.cert \
-subj /CN="*.$1"
rm create.tmp.conf
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment