Advertisement
Guest User

Untitled

a guest
Jul 30th, 2015
214
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.02 KB | None | 0 0
  1. # Generate SSL Certificate for dev
  2.  
  3. export DOMAIN="example.dev"
  4. export PASSPHRASE=$(head -c 500 /dev/urandom | tr -dc a-z0-9A-Z | head -c 128; echo)
  5. export SUBJ="
  6. C=PT
  7. ST=Aveiro
  8. O=Example Organization
  9. localityName=Aveiro
  10. commonName=$DOMAIN
  11. organizationalUnitName=Dev Team
  12. emailAddress=support@$DOMAIN
  13. "
  14.  
  15. ## Create server private key
  16. openssl genrsa -des3 -out $DOMAIN.key -passout env:PASSPHRASE 2048
  17.  
  18. ## Create the Certificate Signing Request
  19. openssl req \
  20. -new \
  21. -batch \
  22. -subj "$(echo -n "$SUBJ" | tr "\n" "/")" \
  23. -key $DOMAIN.key \
  24. -out $DOMAIN.csr \
  25. -passin env:PASSPHRASE
  26.  
  27. mv $DOMAIN.key $DOMAIN.key.org
  28.  
  29. ## Strip the password so we don't have to type it every time we restart Apache
  30. openssl rsa -in $DOMAIN.key.org -out $DOMAIN.key -passin env:PASSPHRASE
  31.  
  32. ## Config file to allow multiple domains
  33. echo "subjectAltName=DNS:$DOMAIN,DNS:*.$DOMAIN" > multi.config
  34.  
  35. ## Generate the cert (good for 10 years)
  36. openssl x509 -req -days 3650 -in $DOMAIN.csr -signkey $DOMAIN.key -text -extfile multi.config -out $DOMAIN.crt
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement