view make-certificate @ 18:b8c7a89c4ebd

Include Subject Alt Name in certs and use CA function
author IBBoard <dev@ibboard.co.uk>
date Mon, 01 Oct 2018 20:48:28 +0100
parents 14c88dd76d53
children 86ca8ee7b597
line wrap: on
line source

#! /bin/bash

set -e

if [ $# -ne 1 ]; then
	echo "Usage: $0 <key-name>"
	exit 1
fi

if [ ! -d ~/Websites/certs/ ]; then
	echo "~/Websites/certs/ didn't exist - can't create certs"
	exit 1
fi

pushd ~/Websites/certs/

openssl req -nodes -sha256 -new -keyout $1.key -out $1.csr -subj "/C=GB/ST=Worcestershire/O=$1/CN=$1" \
	-config <(cat ~/.ssh/CA/openssl.cnf <(echo "DNS.1=$1"))
openssl ca -in $1.csr -out $1.crt -cert ~/.ssh/CA/ca.crt -keyfile ~/.ssh/CA/ca.key -days 365 \
	-config <(cat ~/.ssh/CA/openssl.cnf <(echo "DNS.1=$1")) -batch
popd