40 lines
711 B
Bash
Executable File
40 lines
711 B
Bash
Executable File
#!/bin/sh
|
|
CN="$1"
|
|
ALTNAME="$2"
|
|
|
|
openssl req \
|
|
-new \
|
|
-utf8 \
|
|
-sha256 \
|
|
-key /ca/keys/ca.key \
|
|
-subj "/O=RedXen/CN=$CN" \
|
|
-nodes \
|
|
-keyout keys/"$CN".key \
|
|
-out /tmp/"$CN".csr
|
|
|
|
if [ -z "$ALTNAME" ]; then
|
|
openssl x509 \
|
|
-req \
|
|
-in /tmp/"$CN".csr \
|
|
-days 365 \
|
|
-extfile <(cat /tmp/x509v3_config) \
|
|
-CA /ca/certs/ca.crt \
|
|
-CAkey /ca/keys/ca.key \
|
|
-out certs/"$CN".crt
|
|
else
|
|
openssl x509 \
|
|
-req \
|
|
-in /tmp/"$CN".csr \
|
|
-days 365 \
|
|
-extfile <(cat /tmp/x509v3_config <(echo "subjectAltName=$ALTNAME")) \
|
|
-CA /ca/certs/ca.crt \
|
|
-CAkey /ca/keys/ca.key \
|
|
-out certs/"$CN".crt
|
|
#-CAcreateserial \
|
|
#-CAserial /tmp/discard.srl \
|
|
fi
|
|
|
|
openssl x509 \
|
|
-in certs/"$CN".crt \
|
|
-noout -text
|