
@pimentelra
Created July 18, 2019 13:18
OpenSSL certificates generation scripts
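@ECHO OFF
REM Issues a certificate for one DNS name, signed by an existing local CA.
REM Despite the banner text, the result is not self-signed: it is issued by
REM the CA whose certificate and key are ca_name.crt and ca_name.key.
REM
REM Arguments:
REM   1  domain   - subject CN, the single subjectAltName DNS entry and the
REM                 base name of the .key, .csr and .crt output files
REM   2  days     - validity period handed to openssl x509 -days
REM   3  ca_name  - base name of the CA certificate and key files
REM Exit code: 0 on success, 1 on a missing parameter or a failed OpenSSL step.
REM
REM NOTE(review): the arguments are not validated. The domain is copied
REM verbatim into -subj and into the extension file, so a value containing
REM a slash or a line break would change the issued subject or extensions.
REM Only pass values you control.
SETLOCAL ENABLEDELAYEDEXPANSION
CLS
ECHO.
ECHO Generating Self-Signed Certificate
ECHO ==================================
IF [%1]==[] GOTO USAGE
IF [%2]==[] GOTO USAGE
IF [%3]==[] GOTO USAGE
SET "domain=%~1"
SET "days=%~2"
SET "root=%~3"
SET exepath="c:\Program Files\OpenSSL-Win64\bin\openssl.exe"
REM Per-run extension file in the temp directory, so that an unrelated v3.ext
REM in the working directory is never overwritten or deleted and two runs do
REM not share one file.
SET "extfile=%TEMP%\v3_%RANDOM%_%RANDOM%.ext"

REM The private key is written unencrypted into the current directory;
REM restrict access to that directory accordingly.
REM Both the OpenSSL exit code and the output file are checked: a file left
REM over from an earlier run would otherwise hide a failed step.
SET "failed="
%exepath% genrsa -out "!domain!.key" 2048 || SET "failed=1"
IF NOT EXIST "!domain!.key" SET "failed=1"
IF DEFINED failed (
    ECHO Private key generation failed!
    EXIT /B 1
)

SET "failed="
%exepath% req -new -sha256 -key "!domain!.key" -subj "/C=PT/ST=LIS/O=Issuer/CN=!domain!" -out "!domain!.csr" || SET "failed=1"
IF NOT EXIST "!domain!.csr" SET "failed=1"
IF DEFINED failed (
    ECHO Certificate sign request generation failed!
    EXIT /B 1
)

REM NOTE(review): keyUsage below is broader than a TLS server certificate
REM needs, and no extendedKeyUsage is set. Confirm the intended use before
REM relying on these certificates outside a test environment.
(
    ECHO authorityKeyIdentifier=keyid,issuer
    ECHO basicConstraints=CA:FALSE
    ECHO keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
    ECHO subjectAltName = @alt_names
    ECHO.
    ECHO [alt_names]
    ECHO DNS.1 = !domain!
) > "!extfile!"

REM -CAcreateserial makes OpenSSL create the CA serial-number file if it
REM does not exist yet. The days value is quoted so that a value containing
REM spaces cannot smuggle extra options into the OpenSSL command line.
SET "failed="
%exepath% x509 -req -in "!domain!.csr" -CA "!root!.crt" -CAkey "!root!.key" -CAcreateserial -out "!domain!.crt" -days "!days!" -sha256 -extfile "!extfile!" || SET "failed=1"
REM Remove the extension file whether or not signing succeeded.
IF EXIST "!extfile!" DEL "!extfile!"
IF NOT EXIST "!domain!.crt" SET "failed=1"
IF DEFINED failed (
    ECHO Certificate generation failed!
    EXIT /B 1
)
GOTO DONE

:USAGE
ECHO.
ECHO ERROR: Parameter missing!
ECHO.
REM The script name is taken from argument zero so the usage line always
REM matches the file that was actually run.
ECHO Usage: %~n0 %%domain%% %%days%% %%ca_name%%
ECHO domain: certificate domain
ECHO days: number of days for the certificate to be valid
ECHO ca_name: certificate authority name
EXIT /B 1

:DONE
ECHO Self signed certificate generated successfully!
EXIT /B 0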
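@ECHO OFF
REM Creates a root certificate authority: a 4096-bit RSA key and a
REM self-signed certificate for it.
REM
REM Arguments:
REM   1  domain  - subject CN and base name of the .key and .crt output files
REM   2  days    - validity period handed to openssl req -days
REM Exit code: 0 on success, 1 on a missing parameter or a failed OpenSSL step.
REM
REM NOTE(review): the arguments are not validated. The domain is copied
REM verbatim into -subj, so only pass values you control.
SETLOCAL ENABLEDELAYEDEXPANSION
CLS
ECHO.
ECHO Generating Root Authority Certificate
ECHO =====================================
IF [%1]==[] GOTO USAGE
IF [%2]==[] GOTO USAGE
SET "domain=%~1"
SET "days=%~2"
SET exepath="c:\Program Files\OpenSSL-Win64\bin\openssl.exe"

REM The CA key is written WITHOUT a passphrase. Anyone who can read the file
REM can issue certificates that are trusted wherever this root is installed,
REM so keep it in an access-restricted location. To protect the key with a
REM passphrase, add a cipher option to the genrsa command below; the original
REM note suggested -des3, and -aes256 is the stronger choice.
REM Both the OpenSSL exit code and the output file are checked: a file left
REM over from an earlier run would otherwise hide a failed step.
SET "failed="
%exepath% genrsa -out "!domain!.key" 4096 || SET "failed=1"
IF NOT EXIST "!domain!.key" SET "failed=1"
IF DEFINED failed (
    ECHO Root CA key generation failed!
    EXIT /B 1
)

REM NOTE(review): no extensions are given here, so whether the certificate
REM carries basicConstraints CA:TRUE depends on the OpenSSL configuration
REM file in use - confirm on the target installation.
REM The days value is quoted so that a value containing spaces cannot
REM smuggle extra options into the OpenSSL command line.
SET "failed="
%exepath% req -x509 -new -nodes -key "!domain!.key" -sha256 -days "!days!" -out "!domain!.crt" -subj "/C=PT/ST=LIS/O=Issuer/CN=!domain!" || SET "failed=1"
IF NOT EXIST "!domain!.crt" SET "failed=1"
IF DEFINED failed (
    ECHO Root CA certificate generation failed!
    EXIT /B 1
)
GOTO DONE

:USAGE
ECHO.
ECHO ERROR: Parameter missing!
ECHO.
REM The script name is taken from argument zero so the usage line always
REM matches the file that was actually run.
ECHO Usage: %~n0 %%domain%% %%days%%
ECHO domain: certificate authority domain
ECHO days: number of days for the certificate authority to be valid
EXIT /B 1

:DONE
ECHO Root CA generated successfully!
EXIT /B 0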