38 lines
1,012 B
Bash
Executable file
38 lines
1,012 B
Bash
Executable file
#!/bin/bash
|
|
|
|
# Use this script to generate a self-signed cert for a given hostname
|
|
# Usage: bin/makecert [hostname]
|
|
# If you do not supply an argument, it will prompt for the hostname
|
|
|
|
if [ -z $1 ]; then
|
|
read -p "Enter hostname: " hostname
|
|
HOSTNAME="$hostname"
|
|
else
|
|
HOSTNAME="$1"
|
|
fi
|
|
|
|
# Replace any spaces with dashes
|
|
HOSTNAME="${HOSTNAME//[ ]/-}"
|
|
|
|
if [ -z "$HOSTNAME" ]; then
|
|
echo "Aborting..."
|
|
exit 1
|
|
fi
|
|
|
|
echo "Making cert and key for host '$HOSTNAME'"
|
|
|
|
openssl req -x509 -newkey rsa:4096 -nodes\
|
|
-days 365 -subj "/CN=$HOSTNAME"\
|
|
-keyout "$HOSTNAME.key.pem"\
|
|
-out "$HOSTNAME.cert.pem"
|
|
|
|
# Use this one below with the -addext to include multiple domains (e.g. subdomains)
|
|
#openssl req -x509 -newkey rsa:4096 -nodes\
|
|
# -days 365 -subj "/CN=$HOSTNAME"\
|
|
# -keyout "$HOSTNAME.key.pem"\
|
|
# -out "$HOSTNAME.cert.pem"
|
|
# -addext "subjectAltName=DNS:example.com,DNS:www.example.net,IP:10.0.0.1"
|
|
|
|
# To inspect a cert use the following command
|
|
#openssl x509 -in <path/to/cert/file> -text -noout
|