From 0da8acf8974c5d51fd84291091d1f7a1fd8c1176 Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Thu, 31 Dec 2015 10:22:24 +0100 Subject: letsencrypt-helpers --- letsencrypt-helpers/new-csr | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100755 letsencrypt-helpers/new-csr (limited to 'letsencrypt-helpers/new-csr') diff --git a/letsencrypt-helpers/new-csr b/letsencrypt-helpers/new-csr new file mode 100755 index 0000000..7275573 --- /dev/null +++ b/letsencrypt-helpers/new-csr @@ -0,0 +1,38 @@ +#!/bin/sh + +set -e +set -u + +cd ~/certs + +if [ "$#" = 0 ]; then + echo >&2 "Usage: $0 [..]" + exit 1 +fi + +cn="$1" +shift + +if ! [ -e "$cn.key" ] ; then + echo >&2 "$cn.key does not exist." + exit 1 +fi + +if [ "$#" = 0 ]; then + openssl req -new -sha256 -key "$cn.key" -subj "/CN=$cn" -out "$cn.csr" + openssl x509 -req -days 365 -in "$cn.csr" -signkey "$cn.key" -out "$cn-selfsigned.pem" +else + tmp="`tempfile`" + trap "rm -f '$tmp'" EXIT + ( + cat /etc/ssl/openssl.cnf + echo "[SAN]" + echo -n "subjectAltName=DNS:$cn" + for i in "$@"; do + echo -n ",DNS:$i" + done + echo + ) > "$tmp" + openssl req -new -sha256 -key "$cn.key" -subj "/" -reqexts SAN -config "$tmp" -out "$cn.csr" + openssl x509 -req -days 365 -in "$cn.csr" -signkey "$cn.key" -extensions SAN -extfile "$tmp" -out "$cn-selfsigned.pem" +fi -- cgit v1.2.3