Danh Hung hungio
hungio
/ mongodb-ssl.sh
Last active
March 30, 2021 08:23
— forked from kevinadi/mongodb-ssl.sh
Script to create self-signed CA certificates, server certificates, and client certificates for testing MongoDB with SSL
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # For multi domain, add reqexts option when generate cer | |
| # --reqexts SAN -config <(cat /etc/ssl/openssl.cnf <(printf "[SAN]\nsubjectAltName=DNS:example.com,DNS:www.example.com")) | |
| # For wildcard domain, using '*' at first | |
| # -subj "/C=AU/ST=NSW/L=Sydney/O=MongoDB/OU=root/CN=*.example.com/[email protected]" | |
| # Generate self signed root CA cert | |
| openssl req -nodes -x509 -newkey rsa:2048 -keyout ca.key -out ca.crt -subj "/C=AU/ST=NSW/L=Sydney/O=MongoDB/OU=root/CN=`hostname -f`/[email protected]" -days 365 |