James McDonald
1.6 KiB
1.6 KiB
title, author, type, date, url, categories
| title | author | type | date | url | categories | |
|---|---|---|---|---|---|---|
| Function for bash or zsh to generate SSL requests and certificates | james | post | 2015-07-03T14:19:10+00:00 | /2015/07/function-for-bash-or-zsh-to-generate-ssl-requests/ |
|
Rather than memorising annoying OpenSSL options, stick this in your profile, edit the ‘SUBJ’ bit, and you’ll be generating keys with ease.
# Generate an SSL key and a signing request or self-signed certificate
sslcert() {
cn=$1
# The prefix for the certificate's subject, eg
# SUBJ="/C=GB/ST=Edinburgh/L=Edinburgh/O=Widget Co"
SUBJ="<<< SET THIS BIT >>>"
if [ -z "$cn" -o "$cn" = "-h" ]; then
echo "usage: $0 <common name> [csr|crt]" >&2
echo " csr - generate a certificate signing request (default)" >&2
echo " crt - generate a self-signed certificate" >&2
return 1
fi
type=${2:-csr}
name=$(echo $cn | sed -e 's/^\*\./star./')
if [ -r $name ]; then
echo "$0: $name already exists"
return 1
fi
mkdir $name
if [ $? -ne 0 ]; then
echo "$0: can't mkdir $name" >&2
return 1
fi
cd $name
openssl genrsa -out ${name}.key 4096
case $type in
csr)
openssl req -new -key ${name}.key -out ${name}.csr -sha256 -subj "${SUBJ}/CN=${cn}"
;;
crt)
openssl req -new -x509 -days 3650 -key ${name}.key -out ${name}.crt -sha256 -subj "${SUBJ}/CN=${cn}"
;;
esac
cd ..
}