mikepsinn · September 2, 2021 19:29
diff --git a/self-signed-wildcard-ssl-for-nginx.sh b/self-signed-wildcard-ssl-for-nginx.sh
 #!/usr/bin/env bash

 # sudo apt-get install -y curl 
 # curl https://gist.githubusercontent.com/mikepsinn/b1142aa685ef71d6d3af9b01fc386539/raw/self-signed-wildcard-ssl-for-nginx.sh | sudo bash -s

 ROOT_DOMAIN=quantimo.do
 # Specify where we will install
 SSL_DIR="/etc/nginx/ssl"
 # Set the wildcarded domain we want to use
 WILDCARD_DOMAIN="*.${ROOT_DOMAIN}"
 sudo mkdir ${SSL_DIR} || true
 # A blank passphrase
 PASSPHRASE=""
 # Set our CSR variables
 SUBJ="
 C=US
 ST=Connecticut
 O=QuantiModo
 localityName=New Haven
 commonName=$WILDCARD_DOMAIN
 organizationalUnitName=QuantiModo
 [email protected]
 "

 # Generate our Private Key, CSR and Certificate
 sudo rm ${SSL_DIR}/${ROOT_DOMAIN}.key
 sudo rm ${SSL_DIR}/${ROOT_DOMAIN}.csr
 sudo openssl genrsa -out "$SSL_DIR/${ROOT_DOMAIN}.key" 2048
 sudo openssl req -new -subj "$(echo -n "$SUBJ" | tr "\n" "/")" -key "$SSL_DIR/${ROOT_DOMAIN}.key" -out "$SSL_DIR/${ROOT_DOMAIN}.csr" -passin pass:${PASSPHRASE}
 sudo openssl x509 -req -days 365 -in "$SSL_DIR/${ROOT_DOMAIN}.csr" -signkey "$SSL_DIR/${ROOT_DOMAIN}.key" -out "$SSL_DIR/${ROOT_DOMAIN}.crt"

 echo "
 Add this to your nginx config:
 server {
    listen 443 ssl;

    server_name example.local;
    root /vagrant/public.built;

    ssl on;
    ssl_certificate     $SSL_DIR/${ROOT_DOMAIN}.crt;
    ssl_certificate_key $SSL_DIR/${ROOT_DOMAIN}.key;

    ... and the rest ...
 }
 "

 echo "
 Chrome Users:
 Go to Settings.
 Click advanced settings at the bottom.
 Scroll down to Network and click "Change Proxy Settings"
 Go to the Content tab and then click "Clear SSL State"
 "
	#!/usr/bin/env bash

	# sudo apt-get install -y curl
	# curl https://gist.githubusercontent.com/mikepsinn/b1142aa685ef71d6d3af9b01fc386539/raw/self-signed-wildcard-ssl-for-nginx.sh \| sudo bash -s

	ROOT_DOMAIN=quantimo.do
	# Specify where we will install
	SSL_DIR="/etc/nginx/ssl"
	# Set the wildcarded domain we want to use
	WILDCARD_DOMAIN="*.${ROOT_DOMAIN}"
	sudo mkdir ${SSL_DIR} \|\| true
	# A blank passphrase
	PASSPHRASE=""
	# Set our CSR variables
	SUBJ="
	C=US
	ST=Connecticut
	O=QuantiModo
	localityName=New Haven
	commonName=$WILDCARD_DOMAIN
	organizationalUnitName=QuantiModo
	[email protected]
	"

	# Generate our Private Key, CSR and Certificate
	sudo rm ${SSL_DIR}/${ROOT_DOMAIN}.key
	sudo rm ${SSL_DIR}/${ROOT_DOMAIN}.csr
	sudo openssl genrsa -out "$SSL_DIR/${ROOT_DOMAIN}.key" 2048
	sudo openssl req -new -subj "$(echo -n "$SUBJ" \| tr "\n" "/")" -key "$SSL_DIR/${ROOT_DOMAIN}.key" -out "$SSL_DIR/${ROOT_DOMAIN}.csr" -passin pass:${PASSPHRASE}
	sudo openssl x509 -req -days 365 -in "$SSL_DIR/${ROOT_DOMAIN}.csr" -signkey "$SSL_DIR/${ROOT_DOMAIN}.key" -out "$SSL_DIR/${ROOT_DOMAIN}.crt"

	echo "
	Add this to your nginx config:
	server {
	listen 443 ssl;

	server_name example.local;
	root /vagrant/public.built;

	ssl on;
	ssl_certificate $SSL_DIR/${ROOT_DOMAIN}.crt;
	ssl_certificate_key $SSL_DIR/${ROOT_DOMAIN}.key;

	... and the rest ...
	}
	"

	echo "
	Chrome Users:
	Go to Settings.
	Click advanced settings at the bottom.
	Scroll down to Network and click "Change Proxy Settings"
	Go to the Content tab and then click "Clear SSL State"
	"