Skip to content

Instantly share code, notes, and snippets.

@MParvin
Last active November 5, 2024 09:46
Show Gist options
  • Save MParvin/19940dcd9ad4e7f065a73ab4c27b9ee6 to your computer and use it in GitHub Desktop.
Save MParvin/19940dcd9ad4e7f065a73ab4c27b9ee6 to your computer and use it in GitHub Desktop.
Generate self-signed SSL
#!/bin/bash
if [ -z "$1" ]; then
echo "Error: No domain name provided."
echo "Usage: $0 <domain>"
exit 1
fi
######## Variables ########
DOMAIN="$1"
SAFE_DOMAIN=$(echo $DOMAIN | sed 's/*/wildcard/g')
KEY_PATH="/etc/ssl/private/${SAFE_DOMAIN}.key"
CSR_PATH="/etc/ssl/certs/${SAFE_DOMAIN}.csr"
CRT_PATH="/etc/ssl/certs/${SAFE_DOMAIN}.crt"
DAYS_VALID=365
CONFIG_FILE="/tmp/${SAFE_DOMAIN}.openssl.cnf"
######## Generate OpenSSL Configuration File ########
cat > $CONFIG_FILE <<EOL
[req]
default_bits = 2048
distinguished_name = req_distinguished_name
req_extensions = req_ext
x509_extensions = v3_ca
prompt = no
[req_distinguished_name]
CN = $DOMAIN
[req_ext]
subjectAltName = @alt_names
[v3_ca]
subjectAltName = @alt_names
[alt_names]
DNS.1 = $DOMAIN
EOL
######### Generate a Private Key ########
openssl genpkey -algorithm RSA -out $KEY_PATH
######## Create a Certificate Signing Request (CSR) ########
openssl req -new -key $KEY_PATH -out $CSR_PATH -config $CONFIG_FILE
######## Generate a Self-Signed Certificate ########
openssl x509 -req -days $DAYS_VALID -in $CSR_PATH -signkey $KEY_PATH -out $CRT_PATH -extfile $CONFIG_FILE -extensions v3_ca
######## Clean up ########
rm -f $CONFIG_FILE
echo "Self-signed SSL certificate generated successfully!"
echo "Private Key: $KEY_PATH"
echo "CSR: $CSR_PATH"
echo "Certificate: $CRT_PATH"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment