66 lines
1.7 KiB
Bash
Executable file
66 lines
1.7 KiB
Bash
Executable file
#!/usr/bin/env bash
|
|
#
|
|
# SPDX-License-Identifier: MIT
|
|
|
|
if [ $# -lt 2 ]; then
|
|
echo "This script takes 2 params"
|
|
echo
|
|
echo "$0 <mode> <key filename>"
|
|
echo
|
|
exit 1
|
|
fi
|
|
|
|
SERVER=$2
|
|
|
|
case "$1" in
|
|
makeca)
|
|
/usr/bin/openssl genrsa -des3 -out ca.key 4096
|
|
/usr/bin/openssl req -new -x509 -days 1825 -key ca.key -out ca.crt
|
|
;;
|
|
makekey)
|
|
/usr/bin/openssl genrsa -des3 2048 > "${SERVER}.key.encrypted"
|
|
/usr/bin/openssl rsa -in "${SERVER}.key.encrypted" -out "${SERVER}.key"
|
|
;;
|
|
makecsr)
|
|
if [ ! -f "${SERVER}.key" ]; then
|
|
echo "${SERVER}.key missing, run \"$0 makekey\" first."
|
|
exit 1
|
|
fi
|
|
/usr/bin/openssl req -new -key "${SERVER}.key" -out "${SERVER}.csr"
|
|
;;
|
|
signcrt)
|
|
if [ ! -f ca.key ] || [ ! -f ca.crt ]; then
|
|
echo "ca.key missing, run \"$0 makeca\" first."
|
|
exit 1
|
|
fi
|
|
if [ ! -f "${SERVER}.csr" ]; then
|
|
echo "${SERVER}.csr missing, run \"$0 makecsr\" first."
|
|
exit 1
|
|
fi
|
|
/usr/bin/openssl x509 -req -days 1825 -in "${SERVER}.csr" -CA ca.crt \
|
|
-CAkey ca.key -set_serial 01 -out "${SERVER}.crt"
|
|
;;
|
|
makedh)
|
|
/bin/dd if=/dev/urandom of=ssldh.rand count=1 2>/dev/null
|
|
/usr/bin/openssl gendh -rand ssldh.rand 512 > "${SERVER}.dh"
|
|
;;
|
|
makepem)
|
|
if [ ! -f "${SERVER}.key" ]; then
|
|
echo "${SERVER}.key missing, run \"$0 makekey\" first."
|
|
exit 1
|
|
fi
|
|
if [ ! -f "${SERVER}.crt" ]; then
|
|
echo "${SERVER}.crt missing, obtain from CA or run \"$0 signcrt\" first."
|
|
exit 1
|
|
fi
|
|
cat "${SERVER}.key" > "${SERVER}.pem"
|
|
cat "${SERVER}.crt" >> "${SERVER}.pem"
|
|
;;
|
|
*)
|
|
echo
|
|
echo $"Usage: $0 {makeca|makekey|makecsr|signcrt|makedh|makepem} <key filename>"
|
|
echo
|
|
exit 2
|
|
esac
|
|
|
|
exit 0
|