Created
November 3, 2015 15:41
-
-
Save vladsf/553d877495963b689bde to your computer and use it in GitHub Desktop.
Make new server certificate request with new RSA key
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
umask 077 | |
answers() { | |
HOSTNAME=`hostname` | |
echo " | |
[ req ] | |
distinguished_name = req_DN | |
[ req_DN ] | |
0.organizationName = \"1. Organization Name (leave as is)\" | |
0.organizationName_default = Some Corporation | |
commonName = \"2. Common Name (eg, abc.corp.com)\" | |
commonName_max = 64 | |
commonName_default = $HOSTNAME | |
countryName = Country Name (2 letter code) | |
countryName_default = US | |
countryName_min = 2 | |
countryName_max = 2 | |
stateOrProvinceName = State or Province Name | |
stateOrProvinceName_default = California | |
stateOrProvinceName_max = 64 | |
localityName = Locality Name (eg. city) | |
localityName_default = Redwood City | |
localityName_max = 64 | |
" | |
} | |
if [ $# -eq 0 ] ; then | |
echo $"Usage: `basename $0` filename [...]" | |
exit 0 | |
fi | |
for target in $@ ; do | |
PEM1=`/usr/bin/mktemp /tmp/openssl.XXXXXX` | |
PEM2=`/usr/bin/mktemp /tmp/openssl.XXXXXX` | |
CFG1=`/usr/bin/mktemp /tmp/openssl.XXXXXX` | |
trap "rm -f $PEM1 $PEM2 $CFG1" SIGINT | |
answers > $CFG1 | |
/usr/bin/openssl req -newkey rsa:2048 -keyout $PEM1 -nodes -sha256 -config $CFG1 -out $PEM2 | |
cat $PEM1 > ${target} | |
echo "" >> ${target} | |
cat $PEM2 >> ${target} | |
rm -f $PEM1 $PEM2 $CFG1 | |
done | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment