laragon refresh certificates

renew.sh

#!/bin/sh
CRTPATH=$(pwd -W)
for i in *.key ; do
    DOMAIN=${i%.key}
    cat << EOF > openssl_$DOMAIN.conf
[req]
distinguished_name = req_distinguished_name
req_extensions = v3_req
prompt = no
[req_distinguished_name]
C = US
ST = VA
L = SomeCity
O = MyCompany
OU = MyDivision
CN = $DOMAIN
[v3_req]
keyUsage = keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names
[alt_names]
DNS.1 = www.$DOMAIN
DNS.2 = $DOMAIN
EOF
    openssl req -new -nodes -keyout $DOMAIN.key -out $DOMAIN.csr -config openssl_$DOMAIN.conf -batch
    openssl x509 -req -extfile openssl_$DOMAIN.conf -days 365 -in $DOMAIN.csr -signkey $DOMAIN.key -out $DOMAIN.crt -extensions v3_req
    openssl x509 -text -noout -in $DOMAIN.crt   
    certutil -delstore "Root" "$DOMAIN"
    certutil -f -addstore "Root" "$CRTPATH/$DOMAIN.crt"
done
rm -f *.csr *.conf *.confe *.acc.crt *.acc.key

This also adds the SAN fields to the certificate.

To use this:

0. if you are using this on a linux environment change the certutil parts to the related certificate registration command

1. copy this file to laragon/etc/ssl directory where the certificates reside.

2. run it via a shell

3. restart apache & nginx

It works fine, thank You!
I added a new line after Yours and create a function in my ~/.bashrc file:

# File: renew.sh
# ...
`[[ -v "LARAGON_ROOT" ]] && $LARAGON_ROOT/laragon reload`

---

# File: ~/.bashrc (after modification: source ~/.bashrc)
# ...
function renew_ssl() {
    [[ -v "LARAGON_ROOT" ]] || exit
    cd $LARAGON_ROOT/etc/ssl && sh renew.sh && cd -
}

@nandordundas You're welcome 👍