webee · December 12, 2016 06:11
diff --git a/init_ssl_cert.sh b/init_ssl_cert.sh
 #!/bin/bash
 # /etc/nginx/ssl/<site>/
 site=$1
 # DNS:www.abc.xyz,DNS:xyz.abc.xyz
 domains=$2

 OPENSSL_CNF=/etc/pki/tls/openssl.cnf

 ssl_dir=/etc/nginx/ssl
 mkdir -p ${ssl_dir}
 cd ${ssl_dir}

 ! [ -f account.key ] && openssl genrsa 4096 > account.key
 ! [ -f domain.key ] && openssl genrsa 4096 > domain.key

 mkdir -p ${site}
 if ! [ -f "${site}/domain.csr" ]; then
    openssl req -new -sha256 -key domain.key -subj "/" -reqexts SAN -config <(cat ${OPENSSL_CNF} <(printf "[SAN]\nsubjectAltName=${domains}")) > ${site}/domain.csr
 fi
	#!/bin/bash
	# /etc/nginx/ssl/<site>/
	site=$1
	# DNS:www.abc.xyz,DNS:xyz.abc.xyz
	domains=$2

	OPENSSL_CNF=/etc/pki/tls/openssl.cnf

	ssl_dir=/etc/nginx/ssl
	mkdir -p ${ssl_dir}
	cd ${ssl_dir}

	! [ -f account.key ] && openssl genrsa 4096 > account.key
	! [ -f domain.key ] && openssl genrsa 4096 > domain.key

	mkdir -p ${site}
	if ! [ -f "${site}/domain.csr" ]; then
	openssl req -new -sha256 -key domain.key -subj "/" -reqexts SAN -config <(cat ${OPENSSL_CNF} <(printf "[SAN]\nsubjectAltName=${domains}")) > ${site}/domain.csr
	fi