random-stuff/basic_configs/ssl/gen.fish

18 lines
719 B
Fish
Raw Normal View History

#!/usr/bin/fish
# setup vars
envsubst <CA.cnf.base >CA.cnf
# gen CA Root
openssl genpkey -algorithm RSA -out self_ca.key -pkeyopt rsa_keygen_bits:4096
openssl req -new -key self_ca.key -out ca.csr -extensions v3_ca -config CA.cnf
openssl x509 -req -sha256 -days 365 -in ca.csr -signkey self_ca.key -extfile CA.cnf -out self_ca.crt -extensions v3_ca
# gen cert
openssl genpkey -algorithm RSA -out local.key -pkeyopt rsa_keygen_bits:2048
openssl req -new -key local.key -extensions v3_ca -out local.csr -config local_cert.cnf
openssl x509 -req -sha256 -days 365 -in local.csr -CAkey self_ca.key -CA self_ca.crt -out local.crt -extfile local_cert.cnf -extensions v3_ca
# cleanup
rm self_ca.key ca.csr local.csr CA.cnf