18 lines
630 B
Plaintext
18 lines
630 B
Plaintext
#/bin/sh
|
|
|
|
# generates a self-signed certificate using openssl
|
|
|
|
CANAME=CA-MBS
|
|
CERTNAME=localhost
|
|
DOMAINNAME=*.privatesuv.com
|
|
|
|
if [ ! -f $CERTNAME.ext ]; then
|
|
|
|
echo "[SAN]
|
|
subjectAltName=DNS:$DOMAINNAME" > $CERTNAME.ext
|
|
|
|
fi
|
|
|
|
openssl req -extensions v3_req -new -addext "subjectAltName = DNS:$DOMAINNAME" -addext "keyUsage = digitalSignature,keyAgreement" -addext "extendedKeyUsage = serverAuth" -newkey rsa:4096 -sha256 -keyout $CERTNAME.key -nodes -out $CERTNAME.csr
|
|
openssl x509 -req -extensions SAN -extfile $CERTNAME.ext -in $CERTNAME.csr -CA $CANAME.crt -CAkey $CANAME.key -CAcreateserial -out $CERTNAME.crt -days 730 -sha256
|