| #!/bin/bash | |
| mkdir ~/local-ssl > /dev/null 2>&1 | |
| ### ADD DOMAINS HERE ### | |
| declare -a domains=( "" ) | |
| # Loop through the domains | |
| for domain in "${domains[@]}" | |
| do | |
| cd ~/local-ssl | |
| mkdir "$domain" && cd "$domain" | |
| echo " | |
| [req] | |
| default_bits = 2048 | |
| distinguished_name = req_distinguished_name | |
| req_extensions = req_ext | |
| x509_extensions = v3_req | |
| prompt = no | |
| [req_distinguished_name] | |
| countryName = XX | |
| stateOrProvinceName = N/A | |
| localityName = N/A | |
| organizationName = Self-signed certificate | |
| commonName = '$domain': Self-signed certificate | |
| [req_ext] | |
| subjectAltName = @alt_names | |
| [v3_req] | |
| subjectAltName = @alt_names | |
| [alt_names] | |
| DNS.1 = '$domain'" >> "ssl-config-$domain" | |
| # Generate the cert | |
| openssl req -x509 -nodes -days 730 -newkey rsa:2048 -keyout KEY-$domain.pem -out CERT-$domain.pem -config "ssl-config-$domain" > /dev/null 2>&1 | |
| echo "Generated certificate for $domain." | |
| # Add to macOS keychain and trust | |
| sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain CERT-$domain.pem | |
| echo "Added to Keychain." | |
| done |