Make certificates quickly

Posted: February 15th, 2016 | Author: jordan | Filed under: SSL | No Comments »

Now that you have your own Certificate Authority setup from my previous article you’ll want a fast way of whipping up new certs. Never fear for making certs is here. Drop the following code into an executable file and place it into the myCA folder. You’ll be able to make certificates at whim by issuing a command like

make-cert.sh hostname.lan.domain.com 3650 01

#!/bin/bash


HOSTNAME=$1

DAYS=$2

SERIAL=$3
if [[ $# -lt 3 ]]; then

echo $0: requires FQDN for certificate, valid for X days, two digit serial, please document this

echo example: $0 hostname.lan.domain.com 3650 01

echo place this script into the myCA root folder

exit 1

fi

mkdir $HOSTNAME openssl genrsa -des3 -out $HOSTNAME/$HOSTNAME.key 4096 openssl req -new -key $HOSTNAME/$HOSTNAME.key -out $HOSTNAME/$HOSTNAME.csr openssl x509 -req -days $DAYS -in $HOSTNAME/$HOSTNAME.csr -CA cert/cert.pem -CAkey key/ca.key.pem -set_serial $SERIAL -out $HOSTNAME/$HOSTNAME.crt openssl rsa -in $HOSTNAME/$HOSTNAME.key -out $HOSTNAME/$HOSTNAME.key.insecure mv $HOSTNAME/$HOSTNAME.key $HOSTNAME/$HOSTNAME.key.secure mv $HOSTNAME/$HOSTNAME.key.insecure $HOSTNAME/$HOSTNAME.key exit 0

jordaneunson.com

I make/break/fix stuff

Make certificates quickly

Leave a Reply

Become a Friend

The Monthlies

Fresh