adriansuter · July 1, 2024 23:16
diff --git a/cert-template.conf b/cert-template.conf
 [ req ]

 default_bits        = 2048
 default_keyfile     = server-key.pem
 distinguished_name  = subject
 req_extensions      = req_ext
 x509_extensions     = x509_ext
 string_mask         = utf8only

 [ subject ]

 countryName                 = Country Name (2 letter code)
 countryName_default         = US

 stateOrProvinceName         = State or Province Name (full name)
 stateOrProvinceName_default = NY

 localityName                = Locality Name (eg, city)
 localityName_default        = New York

 organizationName            = Organization Name (eg, company)
 organizationName_default    = Example, LLC

 commonName                  = Common Name (e.g. server FQDN or YOUR name)
 commonName_default          = {{DOMAIN}}

 emailAddress                = Email Address
 emailAddress_default        = [email protected]

 [ x509_ext ]

 subjectKeyIdentifier   = hash
 authorityKeyIdentifier = keyid,issuer

 basicConstraints       = CA:FALSE
 keyUsage               = digitalSignature, keyEncipherment
 subjectAltName         = @alternate_names
 nsComment              = "OpenSSL Generated Certificate"

 [ req_ext ]

 subjectKeyIdentifier = hash

 basicConstraints     = CA:FALSE
 keyUsage             = digitalSignature, keyEncipherment
 subjectAltName       = @alternate_names
 nsComment            = "OpenSSL Generated Certificate"

 [ alternate_names ]

 DNS.1       = {{DOMAIN}}
diff --git a/make-cert.bat b/make-cert.bat
 @echo off
 set /p domain="Enter Domain: "
 set OPENSSL_CONF=../conf/openssl.cnf

 REM
 REM Read the "cert-template.conf" file and replace all {{DOMAIN}} placeholders by the entered domain.
 REM Write the result into a new file called "cert.conf".
 REM
 REM @see https://stackoverflow.com/questions/5273937/how-to-replace-substrings-in-windows-batch-file#20227248
 REM
 setlocal enabledelayedexpansion
 set INTEXTFILE=cert-template.conf
 set OUTTEXTFILE=cert.conf
 set SEARCHTEXT={{DOMAIN}}
 set REPLACETEXT=%domain%

 if exist %OUTTEXTFILE% del /F %OUTTEXTFILE%
 for /f "tokens=1,* delims=¶" %%A in ( '"findstr /n ^^ %INTEXTFILE%"') do (
   SET string=%%A
   for /f "delims=: tokens=1,*" %%a in ("!string!") do set "string=%%b"
   if  "!string!" == "" (
       echo.>>%OUTTEXTFILE%
   ) else (
      SET modified=!string:%SEARCHTEXT%=%REPLACETEXT%!
      echo !modified! >> %OUTTEXTFILE%
  )
 )


 REM
 REM Create the target directory.
 REM
 if not exist .\%domain% mkdir .\%domain%


 REM
 REM Create the certificate and key files.
 REM
 ..\bin\openssl req -config %OUTTEXTFILE% -new -sha256 -newkey rsa:2048 -nodes -keyout %domain%\server.key -x509 -days 365 -out %domain%\server.crt


 REM
 REM Delete the written file "cert.conf" as this file would only be used to create the certificate.
 REM
 if exist %OUTTEXTFILE% del /F %OUTTEXTFILE%


 echo.
 echo -----
 echo The certificate was provided.
 echo.
 pause
	[ req ]

	default_bits = 2048
	default_keyfile = server-key.pem
	distinguished_name = subject
	req_extensions = req_ext
	x509_extensions = x509_ext
	string_mask = utf8only

	[ subject ]

	countryName = Country Name (2 letter code)
	countryName_default = US

	stateOrProvinceName = State or Province Name (full name)
	stateOrProvinceName_default = NY

	localityName = Locality Name (eg, city)
	localityName_default = New York

	organizationName = Organization Name (eg, company)
	organizationName_default = Example, LLC

	commonName = Common Name (e.g. server FQDN or YOUR name)
	commonName_default = {{DOMAIN}}

	emailAddress = Email Address
	emailAddress_default = [email protected]

	[ x509_ext ]

	subjectKeyIdentifier = hash
	authorityKeyIdentifier = keyid,issuer

	basicConstraints = CA:FALSE
	keyUsage = digitalSignature, keyEncipherment
	subjectAltName = @alternate_names
	nsComment = "OpenSSL Generated Certificate"

	[ req_ext ]

	subjectKeyIdentifier = hash

	basicConstraints = CA:FALSE
	keyUsage = digitalSignature, keyEncipherment
	subjectAltName = @alternate_names
	nsComment = "OpenSSL Generated Certificate"

	[ alternate_names ]

	DNS.1 = {{DOMAIN}}
	@echo off
	set /p domain="Enter Domain: "
	set OPENSSL_CONF=../conf/openssl.cnf

	REM
	REM Read the "cert-template.conf" file and replace all {{DOMAIN}} placeholders by the entered domain.
	REM Write the result into a new file called "cert.conf".
	REM
	REM @see https://stackoverflow.com/questions/5273937/how-to-replace-substrings-in-windows-batch-file#20227248
	REM
	setlocal enabledelayedexpansion
	set INTEXTFILE=cert-template.conf
	set OUTTEXTFILE=cert.conf
	set SEARCHTEXT={{DOMAIN}}
	set REPLACETEXT=%domain%

	if exist %OUTTEXTFILE% del /F %OUTTEXTFILE%
	for /f "tokens=1,* delims=¶" %%A in ( '"findstr /n ^^ %INTEXTFILE%"') do (
	SET string=%%A
	for /f "delims=: tokens=1,*" %%a in ("!string!") do set "string=%%b"
	if "!string!" == "" (
	echo.>>%OUTTEXTFILE%
	) else (
	SET modified=!string:%SEARCHTEXT%=%REPLACETEXT%!
	echo !modified! >> %OUTTEXTFILE%
	)
	)


	REM
	REM Create the target directory.
	REM
	if not exist .\%domain% mkdir .\%domain%


	REM
	REM Create the certificate and key files.
	REM
	..\bin\openssl req -config %OUTTEXTFILE% -new -sha256 -newkey rsa:2048 -nodes -keyout %domain%\server.key -x509 -days 365 -out %domain%\server.crt


	REM
	REM Delete the written file "cert.conf" as this file would only be used to create the certificate.
	REM
	if exist %OUTTEXTFILE% del /F %OUTTEXTFILE%


	echo.
	echo -----
	echo The certificate was provided.
	echo.
	pause