-
-
Save mikemadisonweb/6ac971ad9a136501628a1cb32368f43e to your computer and use it in GitHub Desktop.
Create self-signed SSL certificate for Nginx
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| usage () { | |
| echo -e "Usage:\nself-signed-cert-gen.sh DOMAIN"; | |
| } | |
| # Parse command line options | |
| DOMAIN="" | |
| while [ $# -gt 0 ] | |
| do | |
| case "$1" in | |
| -*) | |
| usage | |
| exit 1 | |
| ;; | |
| *) | |
| if [[ ${DOMAIN} != "" ]]; then | |
| usage | |
| exit 1 | |
| fi | |
| DOMAIN="$1" | |
| shift | |
| ;; | |
| esac | |
| done | |
| echo "Generating an SSL private key to sign your certificate..." | |
| openssl genrsa -des3 -out ${DOMAIN}.key -passout pass:client11 1024 | |
| echo "Generating a Certificate Signing Request..." | |
| openssl req -new -key ${DOMAIN}.key -out ${DOMAIN}.csr -passin pass:client11 -subj "/C=RU/ST=Moscow/L=Moscow/O=Network/OU=Any Department/CN=${DOMAIN}" | |
| echo "Removing passphrase from key (for nginx)..." | |
| mv ${DOMAIN}.key ${DOMAIN} | |
| openssl rsa -in ${DOMAIN} -out ${DOMAIN}.key -passin pass:client11 | |
| rm ${DOMAIN} | |
| echo "Generating certificate..." | |
| openssl x509 -req -days 365 -in ${DOMAIN}.csr -signkey ${DOMAIN}.key -out ${DOMAIN}.crt | |
| rm ${DOMAIN}.csr | |
| echo "Copying certificate (${DOMAIN}.crt) to root/etc/ssl/certs/" | |
| mkdir -p root/etc/ssl/certs | |
| mv ${DOMAIN}.crt root/etc/ssl/certs/ | |
| echo "Copying key (${DOMAIN}.key) to root/etc/ssl/private/" | |
| mkdir -p root/etc/ssl/private | |
| mv ${DOMAIN}.key root/etc/ssl/private/ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment