Moved DOMAIN variable inside functions

Frank Bischof 2023-05-15 16:29:28 +02:00
parent 9e530c61c7
commit 6ba574c20b


@ -1,13 +1,15 @@
#!/bin/bash #!/bin/bash
######################################## ########################################
# Author: F. Bischof (frank@meer-web.nl) # Author: F. Bischof (frank@meer-web.nl)
# Version: 1.4.3 # Version: 1.5.0
# Date: 09-05-2023 # Date: 15-05-2023
######################################## ########################################
ENCRYPTION="sha256" ENCRYPTION="sha256"
BITS="rsa:2048" BITS="rsa:2048"
function create_csr { function create_csr {
echo -en "Domain: "; read DOMAIN
echo -en "Config file (optional): "; read CONFIG
if [ "${CONFIG}" != "" ] if [ "${CONFIG}" != "" ]
then then
openssl req -utf8 -nodes -${ENCRYPTION} -newkey ${BITS} -keyout ${DOMAIN}.key -out ${DOMAIN}.csr -config ${CONFIG_FILE} -extensions 'req_ext' openssl req -utf8 -nodes -${ENCRYPTION} -newkey ${BITS} -keyout ${DOMAIN}.key -out ${DOMAIN}.csr -config ${CONFIG_FILE} -extensions 'req_ext'
@ -18,6 +20,7 @@ function create_csr {
} }
function create_ssc { function create_ssc {
echo -en "Domain: "; read DOMAIN
echo -en "How many years should it be valid: "; read YEARSVALID echo -en "How many years should it be valid: "; read YEARSVALID
YEARSVALID=$(($YEARSVALID * 365)) YEARSVALID=$(($YEARSVALID * 365))
openssl req -x509 -nodes -days ${YEARSVALID} -newkey ${BITS} -keyout ${DOMAIN}.key -out ${DOMAIN}.crt -${ENCRYPTION} openssl req -x509 -nodes -days ${YEARSVALID} -newkey ${BITS} -keyout ${DOMAIN}.key -out ${DOMAIN}.crt -${ENCRYPTION}
@ -25,34 +28,38 @@ function create_ssc {
} }
function create_pfx { function create_pfx {
echo -en "PFX output filename: "; read PFX_FILE
echo -en "Domain certificate path: "; read DOMAIN_CERT echo -en "Domain certificate path: "; read DOMAIN_CERT
echo -en "Domain key path: "; read DOMAIN_KEY echo -en "Domain key path: "; read DOMAIN_KEY
echo -en "Intermediate certificate path (optional): "; read INT_CERT echo -en "Intermediate certificate path (optional): "; read INT_CERT
if [ "${INT_CERT}" != "" ]; if [ "${INT_CERT}" != "" ];
then then
echo -en "Root certificate path: "; read ROOT_CERT echo -en "Root certificate path: "; read ROOT_CERT
cat ${INT_CERT} ${ROOT_CERT} > bundle-ca.crt; BUNDLE_CERT="bundle-ca.crt" cat ${INT_CERT} ${ROOT_CERT} > bundle-ca.crt;
openssl pkcs12 -export -in ${DOMAIN_CERT} -out ${DOMAIN}.pfx -inkey ${DOMAIN_KEY} -certfile ${BUNDLE_CERT} BUNDLE_CERT="bundle-ca.crt"
openssl pkcs12 -export -in ${DOMAIN_CERT} -out ${PFX_FILE}.pfx -inkey ${DOMAIN_KEY} -certfile ${BUNDLE_CERT}
else else
openssl pkcs12 -export -in ${DOMAIN_CERT} -out ${DOMAIN}.pfx -inkey ${DOMAIN_KEY} openssl pkcs12 -export -in ${DOMAIN_CERT} -out ${PFX_FILE}.pfx -inkey ${DOMAIN_KEY}
fi fi
echo "File ${DOMAIN}.pfx created!" echo "File ${PFX_FILE}.pfx created!"
} }
function extract_pfx { function extract_pfx {
echo -en "PFX path: "; read PFX_CERT echo -en "PFX path: "; read PFX_CERT
openssl pkcs12 -in ${PFX_CERT} -nocerts -out ${DOMAIN}.key -nodes FILENAME="`PFX_CERT | sed 's/\.pfx//'`"
openssl pkcs12 -in ${PFX_CERT} -nokeys -out ${DOMAIN}.crt openssl pkcs12 -in ${PFX_CERT} -nocerts -out ${FILENAME}.key -nodes
echo "Files ${DOMAIN}.key and ${DOMAIN}.crt created from PFX" openssl pkcs12 -in ${PFX_CERT} -nokeys -out ${FILENAME}.crt
echo "Files ${FILENAME}.key and ${FILENAME}.crt created from PFX"
} }
function remove_pw { function remove_pw {
echo -en "Domain key path (optional): "; read DOMAIN_KEY echo -en "Key path: "; read DOMAIN_KEY
openssl rsa -in ${DOMAIN_KEY} -out decrypted-${DOMAIN_KEY} openssl rsa -in ${DOMAIN_KEY} -out decrypted-${DOMAIN_KEY}
echo "File decrypted-${DOMAIN_KEY} created!" echo "File decrypted-${DOMAIN_KEY} created!"
} }
function create_all { function create_all {
echo -en "Domain: "; read DOMAIN
echo -en "Domain certificate path: "; read DOMAIN_CERT echo -en "Domain certificate path: "; read DOMAIN_CERT
echo -en "Domain key path (optional): "; read DOMAIN_KEY echo -en "Domain key path (optional): "; read DOMAIN_KEY
echo -en "Intermediate certificate path: "; read INT_CERT echo -en "Intermediate certificate path: "; read INT_CERT
@ -105,21 +112,6 @@ function match_crtkey {
fi fi
} }
if [ "$1" == '--help' ];
then
echo "Usage: $0 [domain.tld] [config]"
exit 0
fi
if [ "$1" == '' ]
then
echo -en "Domain: "
read DOMAIN
else
DOMAIN=$1
CONFIG_FILE=$2
fi
# Show options menu # Show options menu
echo "1. Create self signed certificate" echo "1. Create self signed certificate"
echo "2. Create CSR"; echo "2. Create CSR";
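Review bot: In the new `extract_pfx`, the line ``FILENAME="`PFX_CERT | sed 's/\.pfx//'`"`` runs `PFX_CERT` as a command instead of expanding the variable, so `FILENAME` comes out empty and the `-nodes` (unencrypted) private key lands in a hidden file named `.key` in the current directory; `FILENAME="${PFX_CERT%.pfx}"` gives the intended base name without a subshell. The new `create_csr` has a similar mismatch: it reads the answer into `CONFIG`, but the `openssl req` line still passes `-config ${CONFIG_FILE}`, which nothing visible sets once the top-level `CONFIG_FILE=$2` block is removed, so either prompt with `read -r CONFIG_FILE` and test that name, or pass `-config "${CONFIG}"`. Because every domain and path now comes from an interactive prompt, the reads should be `read -r` and the expansions on the openssl and `cat` lines should be quoted, e.g. `-keyout "${DOMAIN}.key" -out "${DOMAIN}.csr"`, so that a value containing spaces or a leading dash is not split into extra openssl arguments. Parts of these functions fall outside the visible hunks, so the `CONFIG_FILE` point assumes there is no other assignment there.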