Last active
July 21, 2018 16:29
-
-
Save DrSnowbird/7b5452b84d4e3450ad6d9b87dd593eb3 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ## references: | |
| ## 1.) https://www.digitalocean.com/community/tutorials/openssl-essentials-working-with-ssl-certificates-private-keys-and-csrs | |
| function usage() { | |
| if [ $# -lt 1 ]; then | |
| echo "----------------------------------------------------------------------" | |
| echo "---------------------------- USAGE -----------------------------------" | |
| echo "----------------------------------------------------------------------" | |
| echo "$0 [<CERT_BASENAME>:-domain] [<CERT_DAYS>:-999]" | |
| echo "CERT_BASENAME: default=domain, change to some name - no space allowed!" | |
| echo "CERT_DAYS: default=1095 (3 years)" | |
| fi | |
| } | |
| usage $* | |
| CERT_BASENAME="${1:-domain}" | |
| CERT_DAYS=${2:-999} | |
| SUBJ="/C=US/ST=State/L=Local/O=Company/CN=domain" | |
| echo -e "\n----------------------------------------------------------------------" | |
| echo "#### ---- Configurations: -----" | |
| echo "----------------------------------------------------------------------" | |
| echo "CERT_BASENAME=${CERT_BASENAME} (for *.key, csr, crt files)" | |
| echo "CERT_DAYS=${CERT_DAYS}" | |
| echo "SUBJ=${SUBJ}" | |
| echo -e "\n----------------------------------------------------------------------" | |
| echo "#### ---- OpenSSL version information: -----" | |
| echo "----------------------------------------------------------------------" | |
| openssl version -a | |
| echo -e "\n----------------------------------------------------------------------" | |
| echo "#### ---- Generate Private Key & Self-signing Certificat: -----" | |
| echo "----------------------------------------------------------------------" | |
| openssl req \ | |
| -newkey rsa:2048 -nodes -keyout ${CERT_BASENAME}.key \ | |
| -x509 -days ${CERT_DAYS} -out ${CERT_BASENAME}.crt \ | |
| -subj ${SUBJ} | |
| echo -e "\n----------------------------------------------------------------------" | |
| echo "#### ---- Generate CSR (Certificate Signing Request): -----" | |
| echo "----------------------------------------------------------------------" | |
| openssl req \ | |
| -key ${CERT_BASENAME}.key \ | |
| -new -out ${CERT_BASENAME}.csr \ | |
| -subj ${SUBJ} | |
| ls -al ${CERT_BASENAME}* | |
| echo -e "\n----------------------------------------------------------------------" | |
| echo "#### ---- Validate Key, CSR, Self-Signing Certificate: ----" | |
| echo "----------------------------------------------------------------------" | |
| openssl rsa -noout -modulus -in ${CERT_BASENAME}.key | openssl md5 | |
| openssl x509 -noout -modulus -in ${CERT_BASENAME}.crt | openssl md5 | |
| openssl req -noout -modulus -in ${CERT_BASENAME}.csr | openssl md5 | |
| echo ">>> All three MD5 output above should be the same to be validate!" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment