Wednesday, August 19, 2009

Another simpler way to create self-sign certificate for Apache 

#!/bin/bash

MKTEMP=/usr/bin/mktemp
OPENSSL=/usr/bin/openssl

umask 077

answers() {
echo HK
echo China
echo Hong Kong
echo Company Name
echo IT
echo localhost
echo you@example.com
}

if [ $# -eq 0 ] ; then
echo $"Usage: `basename $0` filename [...]"
exit 0
fi

for target in $@ ; do
PEM1=`$MKTEMP $HOME/tmp/openssl.XXXXXX`
PEM2=`$MKTEMP $HOME/tmp/openssl.XXXXXX`
trap "rm -f $PEM1 $PEM2" SIGINT
answers | $OPENSSL req -newkey rsa:1024 -keyout $PEM1 -nodes -x509 -days 365 -out $PEM2 2> /dev/null
cat $PEM1 > ${target}
echo "" >> ${target}
cat $PEM2 >> ${target}
rm -f $PEM1 $PEM2
done
Posted by at
Labels: , , ,