When you have to generate multiple certificates for a lot of domains you better get smart at it ;-)
Below is a bash script to generate a password-less key (needless to say you need this for servers but at the same time you must protect them from unauthorized access) and a certificate request:
#!/bin/bash -e
# gencert.sh
# @author: Nestor Urquiza
USAGE="Usage: `basename $0` "
if [ $# -ne "7" ]
then
echo $USAGE
exit 1
fi
countryCode=$1
state=$2
city=$3
company=$4
organizationalUnitName=$5
domain=$6
email=$7
openssl req -nodes -newkey rsa:2048 -keyout ${domain}.key -out ${domain}.csr -batch -subj "/C=$countryCode/ST=$state/L=$city/O=$company/OU=$organizationalUnitName/CN=$domain/emailAddress=$email"
Here is how you would use it:
export domain=domain.sample.com && ./gencert.sh "US" "CA" "San Francisco" "Domain Sample LLC" "Operations" "$domain" "@sample.com"
No comments:
Post a Comment