Generates commands to create a self signed ssl that actually works. No browser errors as of 06-25-2019!

ssssl.sh

#!/bin/bash
# Generates a self signed ssl that actually works

DOMAIN1=$1
DOMAIN2=$4
IP_ADDRESS=$2
SSL_PATH=$3
CNF_PATH="$SSL_PATH/$DOMAIN1.cnf"
KEY_PATH="$SSL_PATH/$DOMAIN1.key"
CRT_PATH="$SSL_PATH/$DOMAIN1.crt"

echo ""
echo "DOMAIN1: $DOMAIN1"
echo "DOMAIN2: $DOMAIN2"
echo "IP_ADDRESS: $IP_ADDRESS"
echo "SSL_PATH: $SSL_PATH"
echo "CNF_PATH: $CNF_PATH"
echo "KEY_PATH: $KEY_PATH"
echo "CRT_PATH: $CRT_PATH"
echo ""

if [ ! DOMAIN1 ]; then
    echo "Domain not set, example:"
    echo "ssssl domain.com 49.99.99.99 [www.domain.com] [/etc/ssl]"
    exit 125
fi
if [ ! IP_ADDRESS ]; then
    echo "IP Address not set, example:"
    echo "ssssl domain.com 49.99.99.99 [www.domain.com] [/etc/ssl]"
    exit 125
fi
if [ ! SSL_PATH ]; then
    echo "SSL Path not set, example:"
    echo "ssssl domain.com 49.99.99.99 [www.domain.com] [/etc/ssl]"
    exit 125
fi

# Generate config
echo "---------"
echo ""
echo "Create Self-Signed SSL with these commands:"
echo ""

if [ !DOMAIN2 ]; then
    STMT="echo \"\"\"[req]\ndistinguished_name=req\n[san]\nsubjectAltName=DNS:$DOMAIN1,IP:$IP_ADDRESS\"\"\" | sudo tee $CNF_PATH"
    echo -e $STMT
else
    STMT="echo \"\"\"[req]\ndistinguished_name=req\n[san]\nsubjectAltName=DNS:$DOMAIN1,DNS:$DOMAIN2,IP:$IP_ADDRESS\"\"\" | sudo tee $CNF_PATH"
    echo -e $STMT
fi

echo ""
OPENSSL_CMD="sudo openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes -keyout $KEY_PATH -out $CRT_PATH -extensions san -config $CNF_PATH -subj /CN=$DOMAIN1"
echo $OPENSSL_CMD
echo ""
echo "---------"
echo ""
echo "Here's a nginx snippet for your ssl:"
echo ""
echo "ssl_certificate $CRT_PATH;"
echo "ssl_certificate_key $KEY_PATH;"
echo ""
echo "---------"