Create Azure-compatible cert with openssl (mac/linux)

create_azure_pfx.sh

#!/bin/bash
#
# REF: https://azure.microsoft.com/en-us/documentation/articles/web-sites-configure-ssl-certificate/#bkmk_selfsigned
#
###### serverauth.cnf #####
#[ req ]
#default_bits           = 2048
#default_keyfile        = privkey.pem
#distinguished_name     = req_distinguished_name
#attributes             = req_attributes
#x509_extensions        = v3_ca
#
#[ req_distinguished_name ]
#countryName         = Country Name (2 letter code)
#countryName_min         = 2
#countryName_max         = 2
#stateOrProvinceName     = State or Province Name (full name)
#localityName            = Locality Name (eg, city)
#0.organizationName      = Organization Name (eg, company)
#organizationalUnitName      = Organizational Unit Name (eg, section)
#commonName          = Common Name (eg, your app's domain name)
#commonName_max          = 64
#emailAddress            = Email Address
#emailAddress_max        = 40
#
#[ req_attributes ]
#challengePassword       = A challenge password
#challengePassword_min       = 4
#challengePassword_max       = 20
#
#[ v3_ca ]
#subjectKeyIdentifier=hash
#authorityKeyIdentifier=keyid:always,issuer:always
#basicConstraints = CA:false
#keyUsage=nonRepudiation, digitalSignature, keyEncipherment
#extendedKeyUsage = serverAuth
#

DATE=`date +%Y%m%d.%H%M%S`
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout azure$DATE.key -out azure$DATE.crt -config serverauth.cnf

openssl pkcs12 -export -out azure$DATE.pfx -inkey azure$DATE.key -in azure$DATE.crt