summaryrefslogtreecommitdiff
path: root/letsencrypt-helpers/new-csr
diff options
context:
space:
mode:
Diffstat (limited to 'letsencrypt-helpers/new-csr')
-rwxr-xr-xletsencrypt-helpers/new-csr38
1 files changed, 38 insertions, 0 deletions
diff --git a/letsencrypt-helpers/new-csr b/letsencrypt-helpers/new-csr
new file mode 100755
index 0000000..7275573
--- /dev/null
+++ b/letsencrypt-helpers/new-csr
@@ -0,0 +1,38 @@
+#!/bin/sh
+
+set -e
+set -u
+
+cd ~/certs
+
+if [ "$#" = 0 ]; then
+ echo >&2 "Usage: $0 <fqdn> [..]"
+ exit 1
+fi
+
+cn="$1"
+shift
+
+if ! [ -e "$cn.key" ] ; then
+ echo >&2 "$cn.key does not exist."
+ exit 1
+fi
+
+if [ "$#" = 0 ]; then
+ openssl req -new -sha256 -key "$cn.key" -subj "/CN=$cn" -out "$cn.csr"
+ openssl x509 -req -days 365 -in "$cn.csr" -signkey "$cn.key" -out "$cn-selfsigned.pem"
+else
+ tmp="`tempfile`"
+ trap "rm -f '$tmp'" EXIT
+ (
+ cat /etc/ssl/openssl.cnf
+ echo "[SAN]"
+ echo -n "subjectAltName=DNS:$cn"
+ for i in "$@"; do
+ echo -n ",DNS:$i"
+ done
+ echo
+ ) > "$tmp"
+ openssl req -new -sha256 -key "$cn.key" -subj "/" -reqexts SAN -config "$tmp" -out "$cn.csr"
+ openssl x509 -req -days 365 -in "$cn.csr" -signkey "$cn.key" -extensions SAN -extfile "$tmp" -out "$cn-selfsigned.pem"
+fi
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-22 07:05:55 +0000