regluit/sysadmin/csr_temp_cert_for_host.sh

57 lines
1.3 KiB
Bash
Raw Permalink Normal View History

#!/bin/bash
# Cert4Host.sh - Generate SSL Certificates for a host name.
SERVER_KEY_PATH="/etc/ssl/private/server.key"
SERVER_CRT_PATH="/etc/ssl/certs/server.crt"
HOSTNAME="$1";
if [ -z "${HOSTNAME}" ]; then
echo "Usage : Cert4Host.sh HOSTNAME";
exit;
fi
if [ ! -e $SERVER_KEY_PATH ]; then
openssl genrsa -out server.key 2048
else
echo "Key already exists ... skipping ..."
umask 77; cp $SERVER_KEY_PATH server.key
fi
umask 77; openssl rsa -in server.key -out $HOSTNAME.key
# Country Name (2 letter code) [GB]:.
# State or Province Name (full name) [Berkshire]:.
# Locality Name (eg, city) [Newbury]:.
# Organization Name (eg, company) [My Company Ltd]:.
# Organizational Unit Name (eg, section) []:.
# Common Name (eg, your name or your server's hostname) []:.
# Email Address []:.
# A challenge password []:
# An optional company name []:
COUNTRY="US";
STATE="NJ";
LOCALITY="Montclair";
ORGNAME="Gluejar, Inc.";
ORGUNIT="";
CNAME=$HOSTNAME;
EMAIL="eric@gluejar.com";
PASSWORD="";
OPTION_COMPANY_NAME="";
echo "$COUNTRY
$STATE
$LOCALITY
$ORGNAME
$ORGUNIT
$CNAME
$EMAIL
$PASSWORD
$OPTIONAL_COMPANY_NAME" | openssl req -new -key $HOSTNAME.key -out $HOSTNAME.csr
openssl x509 -req -days 999 -in $HOSTNAME.csr -signkey $HOSTNAME.key -out $HOSTNAME.crt
cp $HOSTNAME.key $SERVER_KEY_PATH
cp $HOSTNAME.crt $SERVER_CRT_PATH