@xoxefdp
Created June 26, 2018 12:05
Creates an SSL certificate with a randomly generated passphrase
#!/bin/bash
# https://gist.github.com/xoxefdp/981df1776d2a653bc0ce5687142d0fa3
# Abort on the first failing command or unset variable
set -eu
# Check that both arguments are present
if [ $# -lt 2 ]; then
    printf 'Supply arguments for CERTIFICATE_NAME, CERTIFICATE_SUBJ\n' >&2
    exit 1
fi
# Keep the passphrase and key files readable by the owner only
umask 077
CERTIFICATE_NAME=$1
# Certificate subject
# Pass it as one quoted argument; it is expanded inside double quotes below, so spaces in a field value are kept
# In -subj a backslash escapes the next character, so a double backslash ( \\ ) yields one literal backslash
# '/C=XX/ST=XXXXX/L=XXXXX/O=XXX\\XX/OU=XX\\XX/CN=XXXX.XX/[email protected]'
CERTIFICATE_SUBJ=$2
# Generate passphrase (openssl uses only the first line of a file: source as the passphrase)
echo "EXECUTING --> openssl rand -base64 256 > $CERTIFICATE_NAME"
openssl rand -base64 256 > "$CERTIFICATE_NAME"
# Generate a Private Key (-des3 encrypts it with 3DES under that passphrase)
echo "EXECUTING --> openssl genrsa -des3 -passout file:$CERTIFICATE_NAME -out $CERTIFICATE_NAME.key"
openssl genrsa -des3 -passout "file:$CERTIFICATE_NAME" -out "$CERTIFICATE_NAME.key"
# Generate a CSR (Certificate Signing Request)
echo "EXECUTING --> openssl req -sha256 -new -passin file:$CERTIFICATE_NAME -key $CERTIFICATE_NAME.key -out $CERTIFICATE_NAME.csr -subj $CERTIFICATE_SUBJ"
openssl req -sha256 -new -passin "file:$CERTIFICATE_NAME" -key "$CERTIFICATE_NAME.key" -out "$CERTIFICATE_NAME.csr" -subj "$CERTIFICATE_SUBJ"
# Remove Passphrase from Key: .key.pass keeps the encrypted copy, .key is rewritten unencrypted
echo "EXECUTING --> cp $CERTIFICATE_NAME.key $CERTIFICATE_NAME.key.pass"
cp "$CERTIFICATE_NAME.key" "$CERTIFICATE_NAME.key.pass"
echo "EXECUTING --> openssl rsa -in $CERTIFICATE_NAME.key.pass -passin file:$CERTIFICATE_NAME -out $CERTIFICATE_NAME.key"
openssl rsa -in "$CERTIFICATE_NAME.key.pass" -passin "file:$CERTIFICATE_NAME" -out "$CERTIFICATE_NAME.key"
# Generate a Self-Signed Certificate for 10 years
echo "EXECUTING --> openssl x509 -sha256 -req -days 3650 -in $CERTIFICATE_NAME.csr -signkey $CERTIFICATE_NAME.key -out $CERTIFICATE_NAME.crt"
openssl x509 -sha256 -req -days 3650 -in "$CERTIFICATE_NAME.csr" -signkey "$CERTIFICATE_NAME.key" -out "$CERTIFICATE_NAME.crt"
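
A post-run check for the files the script leaves behind, added here as an example and not part of the gist: it confirms that NAME.key is unencrypted while NAME.key.pass is protected, that the passphrase file unlocks the protected copy, that key, CSR and certificate share one public key, and that the secret files are owner-only. `check_bundle` is a hypothetical helper name, and `openssl` is assumed to be on the PATH.

```bash
#!/bin/bash
# Added example (not from the gist). check_bundle is a hypothetical helper.
# Usage: ./check_bundle.sh CERTIFICATE_NAME
check_bundle() {
    local name=$1 rc=0 f mode key_pub csr_pub crt_pub

    for f in "$name" "$name.key" "$name.key.pass" "$name.csr" "$name.crt"; do
        [ -f "$f" ] || { echo "FAIL  missing $f"; return 1; }
    done

    # NAME.key had its passphrase removed; NAME.key.pass is the protected copy.
    # Both PEM encodings of an encrypted key carry the word ENCRYPTED.
    if grep -q ENCRYPTED "$name.key"; then
        echo "FAIL  $name.key is still encrypted"; rc=1
    fi
    if ! grep -q ENCRYPTED "$name.key.pass"; then
        echo "FAIL  $name.key.pass is not encrypted"; rc=1
    fi

    # The passphrase file must still unlock the protected copy.
    if ! openssl pkey -in "$name.key.pass" -passin "file:$name" -noout 2>/dev/null; then
        echo "FAIL  $name does not unlock $name.key.pass"; rc=1
    fi

    # Key, CSR and certificate must all carry the same public key.
    key_pub=$(openssl pkey -in "$name.key" -passin pass: -pubout 2>/dev/null) || key_pub=""
    csr_pub=$(openssl req -in "$name.csr" -noout -pubkey 2>/dev/null) || csr_pub=""
    crt_pub=$(openssl x509 -in "$name.crt" -noout -pubkey 2>/dev/null) || crt_pub=""
    if [ -z "$key_pub" ] || [ "$key_pub" != "$csr_pub" ] || [ "$key_pub" != "$crt_pub" ]; then
        echo "FAIL  key, CSR and certificate do not share one public key"; rc=1
    fi

    # Secrets must carry no group/other permission bits (columns 5-10 of ls -l).
    for f in "$name" "$name.key" "$name.key.pass"; do
        mode=$(ls -ld "$f" | cut -c5-10)
        [ "$mode" = "------" ] || { echo "FAIL  $f is accessible beyond its owner"; rc=1; }
    done

    [ "$rc" -eq 0 ] && echo "OK    $name bundle is consistent"
    return "$rc"
}

# Run the check only when a certificate name is given on the command line.
[ "$#" -eq 0 ] || check_bundle "$1"
```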