-
Notifications
You must be signed in to change notification settings - Fork 16
/
tls-cert.sh
33 lines (28 loc) · 982 Bytes
/
tls-cert.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
#!/bin/sh
# Check if the user have OpenSSL in their system
if ! [ -x "$(command -v openssl)" ]; then
echo 'Error: openssl is not available in your system.' >&2
exit 1
fi
echo "Generating a Key and CSR"
openssl req \
-new \
-newkey rsa:3072 \
-nodes \
-keyout localhost.key \
-out localhost.csr \
-subj '/CN=127.0.0.1' -extensions EXT -config <( \
printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")
echo "Creating a self-signed certificate"
openssl x509 \
-req \
-days 365 \
-in localhost.csr \
-signkey localhost.key \
-out localhost.crt
echo "Certificates are available on:"
echo $PWA
echo "Next steps are:"
echo "Provide your certificate and key to the HTTP Server as follows"
echo "http-server --tls --tls-cert $PWD/localhost.crt --tls-key $PWD/localhost.key"
echo "Note: Keep in mind that Certificate installation may differ depending on OS"