Create a Certificate Signing Request for a domain name

makeCSR.sh

#!/bin/bash

# Aijaz Ansari

# This work is licensed under the Creative Commons Attribution 4.0
# International License. To view a copy of this license, visit
# http://creativecommons.org/licenses/by/4.0/ or send a letter to
# Creative Commons, PO Box 1866, Mountain View, CA 94042, USA.

# This script takes in one parameter, a domain name.
# It will create an RSA key, and save an unencrypted copy of the
# key. Then it will use the key to create a CSR (certificate
# signing request). The permissions of the key files will then
# be set to read-only.
#
# All of the files will be created in a subdirectory of the
# current directory named domain.YYYY-mm-dd--HH-MM-SS
#
# e.g.: $ makeCert.sh aijaz.net


# Get a unique string based on the current time
dt=`date "+%Y-%m-%d--%H-%M-%S"`

if [ $1 ];  then
    domain=$1

    # save everything in a new directory
    mkdir $domain.$dt

    # generate a key
    openssl genrsa -des3 -out $domain.$dt/$domain.key 2048

    # make an unencrypted version of the key
    openssl rsa -in $domain.$dt/$domain.key -out $domain.$dt/$domain.keyu

    # create a new certificate signing using the unencrypted key
    openssl req -new -key $domain.$dt/$domain.keyu -out $domain.$dt/$domain.csr

    # make the key files read-only
    chmod 600 $domain.$dt/$domain.key*
else
    echo "usage: $0 <domain_name>"
    echo ""
    echo " This script takes in one parameter, a domain name."
    echo " It will create an RSA key, and save an unencrypted copy of the"
    echo " key. Then it will use the key to create a CSR (certificate"
    echo " signing request). The permissions of the key files will then"
    echo " be set to read-only."
    echo ""
    echo " All of the files will be created in a subdirectory of the"
    echo " current directory named domain.YYYY-mm-dd--HH-MM-SS"
    echo ""
    echo " e.g.: $ makeCert.sh aijaz.net"
fi