Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Generate SSL Certificate for dev
- export DOMAIN="example.dev"
- export PASSPHRASE=$(head -c 500 /dev/urandom | tr -dc a-z0-9A-Z | head -c 128; echo)
- export SUBJ="
- C=PT
- ST=Aveiro
- O=Example Organization
- localityName=Aveiro
- commonName=$DOMAIN
- organizationalUnitName=Dev Team
- emailAddress=support@$DOMAIN
- "
- ## Create server private key
- openssl genrsa -des3 -out $DOMAIN.key -passout env:PASSPHRASE 2048
- ## Create the Certificate Signing Request
- openssl req \
- -new \
- -batch \
- -subj "$(echo -n "$SUBJ" | tr "\n" "/")" \
- -key $DOMAIN.key \
- -out $DOMAIN.csr \
- -passin env:PASSPHRASE
- mv $DOMAIN.key $DOMAIN.key.org
- ## Strip the password so we don't have to type it every time we restart Apache
- openssl rsa -in $DOMAIN.key.org -out $DOMAIN.key -passin env:PASSPHRASE
- ## Config file to allow multiple domains
- echo "subjectAltName=DNS:$DOMAIN,DNS:*.$DOMAIN" > multi.config
- ## Generate the cert (good for 10 years)
- openssl x509 -req -days 3650 -in $DOMAIN.csr -signkey $DOMAIN.key -text -extfile multi.config -out $DOMAIN.crt
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement