57 lines
1.3 KiB
Bash
Executable File
57 lines
1.3 KiB
Bash
Executable File
#!/bin/bash
|
|
# Cert4Host.sh - Generate SSL Certificates for a host name.
|
|
|
|
SERVER_KEY_PATH="/etc/ssl/private/server.key"
|
|
SERVER_CRT_PATH="/etc/ssl/certs/server.crt"
|
|
|
|
HOSTNAME="$1";
|
|
|
|
if [ -z "${HOSTNAME}" ]; then
|
|
echo "Usage : Cert4Host.sh HOSTNAME";
|
|
exit;
|
|
fi
|
|
|
|
if [ ! -e $SERVER_KEY_PATH ]; then
|
|
openssl genrsa -out server.key 2048
|
|
else
|
|
echo "Key already exists ... skipping ..."
|
|
umask 77; cp $SERVER_KEY_PATH server.key
|
|
fi
|
|
|
|
umask 77; openssl rsa -in server.key -out $HOSTNAME.key
|
|
|
|
# Country Name (2 letter code) [GB]:.
|
|
# State or Province Name (full name) [Berkshire]:.
|
|
# Locality Name (eg, city) [Newbury]:.
|
|
# Organization Name (eg, company) [My Company Ltd]:.
|
|
# Organizational Unit Name (eg, section) []:.
|
|
# Common Name (eg, your name or your server's hostname) []:.
|
|
# Email Address []:.
|
|
# A challenge password []:
|
|
# An optional company name []:
|
|
|
|
COUNTRY="US";
|
|
STATE="NJ";
|
|
LOCALITY="Montclair";
|
|
ORGNAME="Gluejar, Inc.";
|
|
ORGUNIT="";
|
|
CNAME=$HOSTNAME;
|
|
EMAIL="eric@gluejar.com";
|
|
PASSWORD="";
|
|
OPTION_COMPANY_NAME="";
|
|
|
|
echo "$COUNTRY
|
|
$STATE
|
|
$LOCALITY
|
|
$ORGNAME
|
|
$ORGUNIT
|
|
$CNAME
|
|
$EMAIL
|
|
$PASSWORD
|
|
$OPTIONAL_COMPANY_NAME" | openssl req -new -key $HOSTNAME.key -out $HOSTNAME.csr
|
|
|
|
openssl x509 -req -days 999 -in $HOSTNAME.csr -signkey $HOSTNAME.key -out $HOSTNAME.crt
|
|
|
|
cp $HOSTNAME.key $SERVER_KEY_PATH
|
|
cp $HOSTNAME.crt $SERVER_CRT_PATH
|