@romantech
Last active June 6, 2024 16:45
Automate Self-Signed SSL Certificate Generation Using OpenSSL
#!/bin/bash

# Default values
DAYS=365
OUTPUT_DIR="."

# Print usage information and exit
usage() {
  echo "Usage: $(basename "$0") [-d days] [-o output_dir]"
  echo "  -d days        Number of days the certificate is valid (default: 365)"
  echo "  -o output_dir  Directory to save the generated files (default: current directory)"
  exit 1
}

# Check that openssl is installed
check_openssl() {
  if ! command -v openssl &>/dev/null; then
    echo "Error: openssl is not installed." >&2
    exit 1
  fi
}

# Error handling: print a message to stderr and exit
error_exit() {
  echo "Error: $1" >&2
  exit 1
}

# Generate the key, CSR and certificate
generate_files() {
  # Generate the private key
  echo "Generating private key..."
  openssl genpkey -algorithm RSA -out "$KEY_FILE" -pkeyopt rsa_keygen_bits:2048 || error_exit "Failed to generate private key"
  echo "Private key generated: $KEY_FILE"

  # Generate the CSR
  echo "Generating CSR..."
  openssl req -new -key "$KEY_FILE" -out "$CSR_FILE" -config "$OPENSSL_CNF_FILE" -batch || error_exit "Failed to generate CSR"
  echo "CSR generated: $CSR_FILE"

  # Generate the self-signed certificate
  echo "Generating self-signed certificate..."
  openssl x509 -req -in "$CSR_FILE" -signkey "$KEY_FILE" -out "$CERT_FILE" -days "$DAYS" -extensions x509_ext -extfile "$OPENSSL_CNF_FILE" || error_exit "Failed to generate self-signed certificate"
  echo "Self-signed certificate generated: $CERT_FILE (Valid for $DAYS days)"

  # Display the certificate contents for inspection
  echo "Verifying certificate..."
  openssl x509 -in "$CERT_FILE" -text -noout || error_exit "Failed to verify certificate"
  echo "Certificate verification completed."
}

# Parse options
while getopts "d:o:" opt; do
  case ${opt} in
    d)
      if ! [[ $OPTARG =~ ^[0-9]+$ ]]; then
        echo "Error: Invalid number of days: $OPTARG" >&2
        usage
      fi
      DAYS=$OPTARG
      ;;
    o)
      OUTPUT_DIR=$OPTARG
      ;;
    *)
      usage
      ;;
  esac
done

# Create the output directory if it does not exist
if [ ! -d "$OUTPUT_DIR" ]; then
  mkdir -p "$OUTPUT_DIR" || error_exit "Failed to create directory: $OUTPUT_DIR"
fi

# Set file paths
KEY_FILE="$OUTPUT_DIR/key.localhost.pem"
CSR_FILE="$OUTPUT_DIR/csr.localhost.pem"
CERT_FILE="$OUTPUT_DIR/cert.localhost.pem"

# Check that openssl is installed
check_openssl

# Find a .cnf file in the current directory (the first match is used)
OPENSSL_CNF_FILE=$(find . -maxdepth 1 -name "*.cnf" | head -n 1)

# Make sure a .cnf file was found
if [ -z "$OPENSSL_CNF_FILE" ]; then
  error_exit "*.cnf file not found"
fi

# Clean up temporary files (the CSR is not needed once the certificate exists)
cleanup() {
  echo "Cleaning up temporary files..."
  rm -f "$CSR_FILE"
  echo "Temporary files cleaned up."
}
trap cleanup EXIT

# Run the generation steps
generate_files
echo "All steps completed successfully."

@romantech
Author

To use this script, place it in the same directory as your openssl.cnf file and execute it with the desired options. You can specify the number of days the certificate is valid and the directory to save the generated files using optional flags.

sh cert-generator.sh -d 365 -o ~/Desktop
  • -d: Number of days the certificate is valid (default: 365)
  • -o: Directory to save the generated key and certificate files (default: current directory)
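
The script reads an `x509_ext` section from a `.cnf` file that the gist does not include, and its last step only prints the certificate. The following is an added example, not part of the gist: a sample config with that section, plus a check that the certificate matches the key, carries a subjectAltName and has not expired. The function names `write_sample_cnf` and `check_cert_pair` and the config contents are constructed for illustration.

```shell
#!/bin/bash
# Added example; not code from the gist.

# Write a constructed sample config containing the [x509_ext] section that
# the gist script passes to `openssl x509 -extensions x509_ext`.
write_sample_cnf() {
  cat >"$1" <<'EOF'
[req]
prompt             = no
distinguished_name = dn

[dn]
CN = localhost

[x509_ext]
basicConstraints = CA:FALSE
subjectAltName   = @alt_names

[alt_names]
DNS.1 = localhost
IP.1  = 127.0.0.1
EOF
}

# Return 0 only if the certificate belongs to the key, has a SAN extension
# and is inside its validity period. Return codes: 1 unreadable input,
# 2 key mismatch, 3 no SAN, 4 expired.
check_cert_pair() {
  local key=$1 cert=$2 key_pub cert_pub
  key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) ||
    { echo "unreadable key: $key" >&2; return 1; }
  cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) ||
    { echo "unreadable certificate: $cert" >&2; return 1; }
  if [ "$key_pub" != "$cert_pub" ]; then
    echo "certificate public key does not match the private key" >&2; return 2
  fi
  if ! openssl x509 -in "$cert" -noout -text | grep -q "Subject Alternative Name"; then
    echo "certificate has no subjectAltName extension" >&2; return 3
  fi
  if ! openssl x509 -in "$cert" -noout -checkend 0 >/dev/null; then
    echo "certificate has expired" >&2; return 4
  fi
}

# Stand-alone use: ./check.sh key.localhost.pem cert.localhost.pem
if [ "$#" -eq 2 ]; then check_cert_pair "$1" "$2"; fi
```

A certificate without a subjectAltName is rejected by current browsers even when it is trusted locally, which is why the check treats a missing SAN as a failure.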
