38 lines
741 B
Bash
38 lines
741 B
Bash
|
#!/usr/bin/env bash
|
||
|
|
|
||
|
|
|
||
|
|
DOMAIN_NAME="$DOMAIN}"
|
||
|
|
DAYS_VALID=3650
|
||
|
|
|
||
|
|
CERT="0"
|
||
|
|
KEY="0"
|
||
|
|
|
||
|
|
CERT_FILE="/etc/ssl/certs/self-signed.crt"
|
||
|
|
KEY_FILE="/etc/ssl/private/self-signed.key"
|
||
|
|
|
||
|
|
stat "${CERT_FILE}"
|
||
|
|
if [ "$?" -eq "0" ];then
|
||
|
|
CERT="1"
|
||
|
|
fi
|
||
|
|
|
||
|
|
stat "${KEY_FILE}"
|
||
|
|
if [ "$?" -eq "0" ];then
|
||
|
|
KEY="1"
|
||
|
|
fi
|
||
|
|
|
||
|
|
if [[ "${KEY}" -eq "0" || "${CERT}" -eq "0" ]];then
|
||
|
|
|
||
|
|
echo "Creating self-signed certificate valid for ${DAYS_VALID} days for domain ${DOMAIN_NAME}" && \
|
||
|
|
openssl \
|
||
|
|
req -x509 \
|
||
|
|
-nodes \
|
||
|
|
-subj "/CN=${DOMAIN_NAME}}" \
|
||
|
|
-addext "subjectAltName=DNS:${DOMAIN_NAME}" \
|
||
|
|
-days ${DAYS_VALID} \
|
||
|
|
-newkey rsa:4096 -keyout "${KEY_FILE}" \
|
||
|
|
-out "${CERT_FILE}"
|
||
|
|
else
|
||
|
|
echo "Certificate and key already exist"
|
||
|
|
# verify that they both are OK
|
||
|
|
fi
|