Moved DOMAIN variable inside functions
parent
9e530c61c7
commit
6ba574c20b
42
certgen.sh
42
certgen.sh
@ -1,13 +1,15 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
########################################
|
########################################
|
||||||
# Author: F. Bischof (frank@meer-web.nl)
|
# Author: F. Bischof (frank@meer-web.nl)
|
||||||
# Version: 1.4.3
|
# Version: 1.5.0
|
||||||
# Date: 09-05-2023
|
# Date: 15-05-2023
|
||||||
########################################
|
########################################
|
||||||
ENCRYPTION="sha256"
|
ENCRYPTION="sha256"
|
||||||
BITS="rsa:2048"
|
BITS="rsa:2048"
|
||||||
|
|
||||||
function create_csr {
|
function create_csr {
|
||||||
|
echo -en "Domain: "; read DOMAIN
|
||||||
|
echo -en "Config file (optional): "; read CONFIG
|
||||||
if [ "${CONFIG}" != "" ]
|
if [ "${CONFIG}" != "" ]
|
||||||
then
|
then
|
||||||
openssl req -utf8 -nodes -${ENCRYPTION} -newkey ${BITS} -keyout ${DOMAIN}.key -out ${DOMAIN}.csr -config ${CONFIG_FILE} -extensions 'req_ext'
|
openssl req -utf8 -nodes -${ENCRYPTION} -newkey ${BITS} -keyout ${DOMAIN}.key -out ${DOMAIN}.csr -config ${CONFIG_FILE} -extensions 'req_ext'
|
||||||
@ -18,6 +20,7 @@ function create_csr {
|
|||||||
}
|
}
|
||||||
|
|
||||||
function create_ssc {
|
function create_ssc {
|
||||||
|
echo -en "Domain: "; read DOMAIN
|
||||||
echo -en "How many years should it be valid: "; read YEARSVALID
|
echo -en "How many years should it be valid: "; read YEARSVALID
|
||||||
YEARSVALID=$(($YEARSVALID * 365))
|
YEARSVALID=$(($YEARSVALID * 365))
|
||||||
openssl req -x509 -nodes -days ${YEARSVALID} -newkey ${BITS} -keyout ${DOMAIN}.key -out ${DOMAIN}.crt -${ENCRYPTION}
|
openssl req -x509 -nodes -days ${YEARSVALID} -newkey ${BITS} -keyout ${DOMAIN}.key -out ${DOMAIN}.crt -${ENCRYPTION}
|
||||||
@ -25,34 +28,38 @@ function create_ssc {
|
|||||||
}
|
}
|
||||||
|
|
||||||
function create_pfx {
|
function create_pfx {
|
||||||
|
echo -en "PFX output filename: "; read PFX_FILE
|
||||||
echo -en "Domain certificate path: "; read DOMAIN_CERT
|
echo -en "Domain certificate path: "; read DOMAIN_CERT
|
||||||
echo -en "Domain key path: "; read DOMAIN_KEY
|
echo -en "Domain key path: "; read DOMAIN_KEY
|
||||||
echo -en "Intermediate certificate path (optional): "; read INT_CERT
|
echo -en "Intermediate certificate path (optional): "; read INT_CERT
|
||||||
if [ "${INT_CERT}" != "" ];
|
if [ "${INT_CERT}" != "" ];
|
||||||
then
|
then
|
||||||
echo -en "Root certificate path: "; read ROOT_CERT
|
echo -en "Root certificate path: "; read ROOT_CERT
|
||||||
cat ${INT_CERT} ${ROOT_CERT} > bundle-ca.crt; BUNDLE_CERT="bundle-ca.crt"
|
cat ${INT_CERT} ${ROOT_CERT} > bundle-ca.crt;
|
||||||
openssl pkcs12 -export -in ${DOMAIN_CERT} -out ${DOMAIN}.pfx -inkey ${DOMAIN_KEY} -certfile ${BUNDLE_CERT}
|
BUNDLE_CERT="bundle-ca.crt"
|
||||||
|
openssl pkcs12 -export -in ${DOMAIN_CERT} -out ${PFX_FILE}.pfx -inkey ${DOMAIN_KEY} -certfile ${BUNDLE_CERT}
|
||||||
else
|
else
|
||||||
openssl pkcs12 -export -in ${DOMAIN_CERT} -out ${DOMAIN}.pfx -inkey ${DOMAIN_KEY}
|
openssl pkcs12 -export -in ${DOMAIN_CERT} -out ${PFX_FILE}.pfx -inkey ${DOMAIN_KEY}
|
||||||
fi
|
fi
|
||||||
echo "File ${DOMAIN}.pfx created!"
|
echo "File ${PFX_FILE}.pfx created!"
|
||||||
}
|
}
|
||||||
|
|
||||||
function extract_pfx {
|
function extract_pfx {
|
||||||
echo -en "PFX path: "; read PFX_CERT
|
echo -en "PFX path: "; read PFX_CERT
|
||||||
openssl pkcs12 -in ${PFX_CERT} -nocerts -out ${DOMAIN}.key -nodes
|
FILENAME="`PFX_CERT | sed 's/\.pfx//'`"
|
||||||
openssl pkcs12 -in ${PFX_CERT} -nokeys -out ${DOMAIN}.crt
|
openssl pkcs12 -in ${PFX_CERT} -nocerts -out ${FILENAME}.key -nodes
|
||||||
echo "Files ${DOMAIN}.key and ${DOMAIN}.crt created from PFX"
|
openssl pkcs12 -in ${PFX_CERT} -nokeys -out ${FILENAME}.crt
|
||||||
|
echo "Files ${FILENAME}.key and ${FILENAME}.crt created from PFX"
|
||||||
}
|
}
|
||||||
|
|
||||||
function remove_pw {
|
function remove_pw {
|
||||||
echo -en "Domain key path (optional): "; read DOMAIN_KEY
|
echo -en "Key path: "; read DOMAIN_KEY
|
||||||
openssl rsa -in ${DOMAIN_KEY} -out decrypted-${DOMAIN_KEY}
|
openssl rsa -in ${DOMAIN_KEY} -out decrypted-${DOMAIN_KEY}
|
||||||
echo "File decrypted-${DOMAIN_KEY} created!"
|
echo "File decrypted-${DOMAIN_KEY} created!"
|
||||||
}
|
}
|
||||||
|
|
||||||
function create_all {
|
function create_all {
|
||||||
|
echo -en "Domain: "; read DOMAIN
|
||||||
echo -en "Domain certificate path: "; read DOMAIN_CERT
|
echo -en "Domain certificate path: "; read DOMAIN_CERT
|
||||||
echo -en "Domain key path (optional): "; read DOMAIN_KEY
|
echo -en "Domain key path (optional): "; read DOMAIN_KEY
|
||||||
echo -en "Intermediate certificate path: "; read INT_CERT
|
echo -en "Intermediate certificate path: "; read INT_CERT
|
||||||
@ -105,21 +112,6 @@ function match_crtkey {
|
|||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
if [ "$1" == '--help' ];
|
|
||||||
then
|
|
||||||
echo "Usage: $0 [domain.tld] [config]"
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ "$1" == '' ]
|
|
||||||
then
|
|
||||||
echo -en "Domain: "
|
|
||||||
read DOMAIN
|
|
||||||
else
|
|
||||||
DOMAIN=$1
|
|
||||||
CONFIG_FILE=$2
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Show options menu
|
# Show options menu
|
||||||
echo "1. Create self signed certificate"
|
echo "1. Create self signed certificate"
|
||||||
echo "2. Create CSR";
|
echo "2. Create CSR";
|
||||||
|
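Review bot: In extract_pfx the new `FILENAME=` assignment puts `PFX_CERT | sed 's/\.pfx//'` inside backticks, which runs `PFX_CERT` as a command name instead of expanding the variable, so unless such a command exists FILENAME ends up empty. The two openssl calls then write to `.key` and `.crt`, and because of `-nodes` the private key is stored unencrypted in a hidden file in the working directory while the final echo still reports success. Parameter expansion avoids the subshell and the bug: `FILENAME="${PFX_CERT%.pfx}"`, with the paths quoted where they are used (`-in "${PFX_CERT}" -out "${FILENAME}.key"`) so a path containing spaces is not word-split. Separately, create_csr now reads the answer into `CONFIG` but still passes `-config ${CONFIG_FILE}`, which appears to be left unset now that this commit removes the top-level `CONFIG_FILE=$2`; `-config "${CONFIG}"` would match the prompt.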