BenoitZugmeyer · March 11, 2016 14:52
diff --git a/generate_certificates.sh b/generate_certificates.sh
 #!/bin/bash

 set -euo pipefail

 if [[ $# -eq 0 ]]; then
    echo "Usage: $0 mydomain.com"
    exit 1
 fi

 name=$1

 certificate_path="$(pwd)/$name.crt"
 certificate_key_path="$(pwd)/$name.key"
 certificate_signing_request_path="$(pwd)/$name.csr"

 echo -n "Password: "
 read -s password
 echo

 export password

 # Generate a Private Key
 openssl genrsa -des3 -out $name.key -passout env:password 2048

 # Generate a CSR (Certificate Signing Request)
 openssl req \
    -batch \
    -new \
    -key "$certificate_key_path" \
    -out "$certificate_signing_request_path" \
    -subj "/C=FR/ST=France/L=Paris/O=Pwet/CN=*.$name" \
    -passin env:password

 # Remove Passphrase from Key
 cp "$certificate_key_path" "$certificate_key_path.org"
 openssl rsa -in "$certificate_key_path.org" -out "$certificate_key_path" -passin env:password

 # Generating a Self-Signed Certificate
 openssl x509 \
    -req \
    -days 365 \
    -in "$certificate_signing_request_path" \
    -signkey "$certificate_key_path" \
    -out "$certificate_path"

 #openssl pkcs12 -export -out $name.p12 -inkey "$certificate_key_path" -in "$certificate_path" -passout env:password

 openssl req -text -noout -in "$certificate_signing_request_path"

 echo "
 Nginx configuration:

    listen 443 ssl;
    server_name *.$name;

    ssl_certificate $certificate_path;
    ssl_certificate_key $certificate_key_path;

    ssl_session_cache shared:SSL:1m;
    ssl_session_timeout 5m;


 Apache configuration:

    SSLEngine on
    SSLCertificateFile $certificate_path
    SSLCertificateKeyFile $certificate_key_path


 Chromium configuration:

    Settings, 'HTTPS/SSL' section, 'Manage certificates...'
    On 'Authorities tab'
    'Import...', select $certificate_path
    Check 'Trust this certificate for identifying websites.'
    'Ok', 'Done'



 "
	#!/bin/bash

	set -euo pipefail

	if [[ $# -eq 0 ]]; then
	echo "Usage: $0 mydomain.com"
	exit 1
	fi

	name=$1

	certificate_path="$(pwd)/$name.crt"
	certificate_key_path="$(pwd)/$name.key"
	certificate_signing_request_path="$(pwd)/$name.csr"

	echo -n "Password: "
	read -s password
	echo

	export password

	# Generate a Private Key
	openssl genrsa -des3 -out $name.key -passout env:password 2048

	# Generate a CSR (Certificate Signing Request)
	openssl req \
	-batch \
	-new \
	-key "$certificate_key_path" \
	-out "$certificate_signing_request_path" \
	-subj "/C=FR/ST=France/L=Paris/O=Pwet/CN=*.$name" \
	-passin env:password

	# Remove Passphrase from Key
	cp "$certificate_key_path" "$certificate_key_path.org"
	openssl rsa -in "$certificate_key_path.org" -out "$certificate_key_path" -passin env:password

	# Generating a Self-Signed Certificate
	openssl x509 \
	-req \
	-days 365 \
	-in "$certificate_signing_request_path" \
	-signkey "$certificate_key_path" \
	-out "$certificate_path"

	#openssl pkcs12 -export -out $name.p12 -inkey "$certificate_key_path" -in "$certificate_path" -passout env:password

	openssl req -text -noout -in "$certificate_signing_request_path"

	echo "
	Nginx configuration:

	listen 443 ssl;
	server_name *.$name;

	ssl_certificate $certificate_path;
	ssl_certificate_key $certificate_key_path;

	ssl_session_cache shared:SSL:1m;
	ssl_session_timeout 5m;


	Apache configuration:

	SSLEngine on
	SSLCertificateFile $certificate_path
	SSLCertificateKeyFile $certificate_key_path


	Chromium configuration:

	Settings, 'HTTPS/SSL' section, 'Manage certificates...'
	On 'Authorities tab'
	'Import...', select $certificate_path
	Check 'Trust this certificate for identifying websites.'
	'Ok', 'Done'



	"