Skip to content

Instantly share code, notes, and snippets.

@tomfun

tomfun/gen.sh

Created September 4, 2015 10:30
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save tomfun/02a3022299a54685354b to your computer and use it in GitHub Desktop.
Save tomfun/02a3022299a54685354b to your computer and use it in GitHub Desktop.
Download ZIP
generate ssl certificate/wildcard
Raw
gen.sh
#!/usr/bin/env bash
# https://serversforhackers.com/self-signed-ssl-certificates
# http://stackoverflow.com/questions/7580508/getting-chrome-to-accept-self-signed-localhost-certificate
# Specify where we will install
# the xip.io certificate
SSL_DIR="/home/tomfun/prj/ssl/o.o"
SSL_FILE="o.o"
# Set the wildcarded domain
# we want to use
DOMAIN="*.o.o"
# A blank passphrase
PASSPHRASE=""
# Set our CSR variables
SUBJ="
C=UA
ST=None
O=
localityName=Kharkiv
commonName=$DOMAIN
organizationalUnitName=
emailAddress=tomfun1990@gmail.com
"
# Create our SSL directory
# in case it doesn't exist
mkdir -p "$SSL_DIR"
# Generate our Private Key, CSR and Certificate
openssl genrsa -out "$SSL_DIR/$SSL_FILE.key" 2048
openssl req -new -subj "$(echo -n "$SUBJ" | tr "\n" "/")" -key "$SSL_DIR/$SSL_FILE.key" -out "$SSL_DIR/$SSL_FILE.csr" -passin pass:$PASSPHRASE
openssl x509 -req -days 768 -in "$SSL_DIR/$SSL_FILE.csr" -signkey "$SSL_DIR/$SSL_FILE.key" -out "$SSL_DIR/$SSL_FILE.crt"
echo "remember passphrase, it will asked for in browser"
openssl pkcs12 -export -out "$SSL_DIR/$SSL_FILE.p12" -inkey "$SSL_DIR/$SSL_FILE.key" -in "$SSL_DIR/$SSL_FILE.crt" -certfile "$SSL_DIR/$SSL_FILE.crt"
ls -lA "$SSL_DIR"
echo -e "\n Add\n$SSL_DIR/$SSL_FILE.p12\n to your browser\n"
echo "Copy to nginx..."
sudo cp "$SSL_DIR/$SSL_FILE.crt" /etc/ssl/certs/
sudo cp "$SSL_DIR/$SSL_FILE.key" /etc/ssl/private/
echo "http://joxi.ru/gmvjOyYFPDP0ma http://joxi.ru/Vm6kz8aHaYa82Z"
@odesskij
Copy link

odesskij commented Sep 4, 2015

nginx:

server {  
  listen 443 ssl;
  ssl on;
  ssl_certificate     /etc/ssl/certs/<$SSL_FILE>.crt;
  ssl_certificate_key /etc/ssl/private/<$SSL_FILE>.key;

  server_name <$DOMAIN>;

  ....
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment