Script per crear certificats de forma simple en OpenSSL

Per generar certificats autogenerats amb SSL de forma simple.

SITE=host.domain.tld
DAYS=3650
rm -rf *.pem

#CA
openssl genrsa 4096  > $SITE-cky.pem
openssl req -sha256 -new -x509 -nodes -days $DAYS -key $SITE-cky.pem -subj "/C=CA/ST=Catalunya/L=Barcelona/O=org/OU=sysadmin/CN=admin" > $SITE-car.pem

#CERT
openssl req -sha256 -newkey rsa:4096 -days $DAYS -nodes -keyout $SITE-key.pem -subj "/C=CA/ST=Catalunya/L=Barcelona/O=org/OU=sysadmin/CN=$SITE" > $SITE-req.pem
openssl rsa -in $SITE-key.pem -out $SITE-key.pem
openssl x509 -sha256 -req -in $SITE-req.pem -days $DAYS -CA $SITE-car.pem -CAkey $SITE-cky.pem -set_serial 01 > $SITE-crt.pem
openssl dhparam -out $SITE-dh4096.pem 4096

#OUTPUT
openssl x509 -in $SITE-car.pem -noout -text
openssl x509 -in $SITE-crt.pem -noout -text
print

Deixa un comentari

L'adreça electrònica no es publicarà. Els camps necessaris estan marcats amb *

seventeen − thirteen =