Page MenuHomePhorge
Files F117886998

regen-certs
No OneTemporary
Actions

Authored By
Unknown
Size
1 KB
Referenced Files
None
Subscribers
None

regen-certs
View Options

#!/bin/bash
base_dir=$(dirname $(dirname $0))
base_dir="${base_dir}/docker/certs/"
if [ ! -d "${base_dir}" ]; then
mkdir -p ${base_dir}
fi
if [ ! -f "${base_dir}/ca.key" ]; then
openssl genrsa -out ${base_dir}/ca.key 4096
openssl req \
-new \
-x509 \
-nodes \
-days 3650 \
-key ${base_dir}/ca.key \
-out ${base_dir}/ca.cert \
-subj '/O=Example CA/'
fi
if [ -f /etc/pki/tls/openssl.cnf ]; then
openssl_cnf="/etc/pki/tls/openssl.cnf"
elif [ -f /etc/ssl/openssl.cnf ]; then
openssl_cnf="/etc/ssl/openssl.cnf"
else
echo "No openssl.cnf"
exit 1
fi
for name in kolab.mgmt.com kolab.hosted.com; do
openssl genrsa -out ${base_dir}/${name}.key 4096
openssl req \
-new \
-key ${base_dir}/${name}.key \
-out ${base_dir}/${name}.csr \
-subj "/O=Example CA/CN=${name}/" \
-reqexts SAN \
-config <(cat ${openssl_cnf} \
<(printf "[SAN]\nsubjectAltName=DNS:${name}"))
openssl x509 \
-req \
-in ${base_dir}/${name}.csr \
-CA ${base_dir}/ca.cert \
-CAkey ${base_dir}/ca.key \
-CAcreateserial \
-out ${base_dir}/${name}.cert \
-days 28 \
-extfile <(cat ${openssl_cnf} \
<(printf "[SAN]\nsubjectAltName=DNS:${name}")) \
-extensions SAN
# 'cause java ...
openssl pkcs8 \
-topk8 \
-inform pem \
-in ${base_dir}/${name}.key \
-outform pem \
-nocrypt \
-out ${base_dir}/${name}_p8.key
done

File Metadata

Mime Type
text/x-shellscript
Expires
Mon, Apr 6, 2:48 AM (2 w, 5 d ago)
Storage Engine
local-disk
Storage Format
Raw Data
Storage Handle
03/0c/eeb0e3e2faa2dc124cf69da5b165
Default Alt Text
regen-certs (1 KB)

Event Timeline