bin/generate_cert.sh

   1 #!/usr/bin/env bash
   2 NAME=${1:-server}
   3 DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
   4 openssl req \
   5   -newkey rsa:4096 \
   6   -days 1001 \
   7   -nodes \
   8   -x509 \
   9   -subj "/C=US/ST=California/L=San Francisco/O=LULZCorp/OU=web/CN=localhost" \
  10   -extensions SAN \
  11   -config <( cat $( [[ "Darwin" = "$(uname -s)" ]]  && echo /System/Library/OpenSSL/openssl.cnf || echo /etc/ssl/openssl.cnf  ) \
  12     <(printf "[SAN]\nsubjectAltName='DNS:alttp.desktop-dk'")) \
  13   -keyout "${DIR}/${NAME}.key" \
  14   -out "${DIR}/${NAME}.crt"
  15
  16 echo ""
  17 echo "* Generated $NAME.key and $NAME.crt files in local directory"
  18 echo ""
  19
  20 if [[ "$OSTYPE" == "darwin"* ]]; then
  21   echo "* Installing cert into local Keychain."
  22   echo "* To see or modify, run 'Keychain Access' app and look in the 'System' Folder"
  23   sudo security add-trusted-cert -d -p ssl -r trustRoot -k "/Library/Keychains/System.keychain" "${DIR}/${NAME}.crt"
  24 else
  25   echo "* Please install and trust cert at conf/$NAME.crt"
  26 fi
  27 cd "$DIR"
  28 if [[ ! -d "${DIR}/../conf/" ]]; then
  29   mkdir "${DIR}/../conf/"
  30 fi
  31 mv ${NAME}.{key,crt} "${DIR}/../conf/"