Initial commit
This commit is contained in:
commit
a71491c068
13 changed files with 1470 additions and 0 deletions
29
mkcert.sh
Normal file
29
mkcert.sh
Normal file
|
|
@ -0,0 +1,29 @@
|
|||
#!/bin/bash
|
||||
|
||||
# $1 is the first script argument, that will be the certificate's name.
|
||||
# Other arguments are other domain names to be added to the certificate.
|
||||
|
||||
# Generate secret key
|
||||
openssl req -new -nodes -out certs/$1.csr -newkey rsa:2048 -keyout certs/$1.key -subj "/CN=$1/C=AT/ST=Vienna/L=Vienna/O=MyOrg"
|
||||
|
||||
# Write certificate information
|
||||
cat > certs/$1.v3.ext << EOF
|
||||
authorityKeyIdentifier=keyid,issuer
|
||||
basicConstraints=CA:FALSE
|
||||
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
|
||||
subjectAltName = @alt_names
|
||||
[alt_names]
|
||||
EOF
|
||||
|
||||
# Iterate script arguments
|
||||
let i=1
|
||||
for name in "$@"
|
||||
do
|
||||
echo "DNS.$i = $name" >> certs/$1.v3.ext
|
||||
let i++
|
||||
echo "DNS.$i = $name.localhost" >> certs/$1.v3.ext
|
||||
let i++
|
||||
done
|
||||
|
||||
# Sign certificate with CA
|
||||
openssl x509 -req -in certs/$1.csr -CA certs/ca.crt -CAkey certs/ca.key -CAcreateserial -out certs/$1.crt -days 730 -sha256 -extfile certs/$1.v3.ext -passin pass:foo
|
||||
Loading…
Add table
Add a link
Reference in a new issue