6 echo "cleanup previous run..."
8 mkdir output/csr output/crt
10 while read cdline ; do
11 if [[ $cdline == "" || $cdline == "#"* ]] ; then
16 read -a certdata <<< "$cdline"
18 echo "*** Processing: $(date -Iseconds) - ${certdata[0]} - ${certdata[1]} ***"
19 if [[ -d "output/${certdata[1]}" ]] ; then
20 echo "*** ERROR - THIS SEEMS TO ALREADY EXIST ***" 1>&2
21 echo "*** ABORTED ***" 1>&2
25 mkdir "output/${certdata[1]}"
26 chmod o+x "output/${certdata[1]}"
28 SUBJECT="${certdata[2]}CN=${certdata[1]}/"
29 DNS_NAMES="${certdata[1]},${certdata[3]}"
32 cat openssl.cnf > /tmp/certgen.cnf
34 for name in $DNS_NAMES; do
35 if [[ "" == $name ]] ; then
38 COUNTER=$((COUNTER+1))
39 echo "DNS.${COUNTER} = $name" >> /tmp/certgen.cnf
45 cd "output/${certdata[1]}"
46 openssl genrsa -out "${certdata[1]}.key" 4096 &> /dev/null
47 openssl req -new -key "${certdata[1]}.key" -out "${certdata[1]}.csr" -utf8 -batch -subj "${SUBJECT}" -config /tmp/certgen.cnf
49 if [[ ${certdata[0]} == "CRT" ]] ; then
50 openssl x509 -req -signkey "${certdata[1]}.key" -in "${certdata[1]}.csr" -out "${certdata[1]}.crt" -extensions v3_req -extfile /tmp/certgen.cnf \
51 -days 365 -sha512 &> /dev/null
52 chmod o+r "${certdata[1]}.crt"
54 echo -n "${certdata[1]} " >> "${MYPWD}/output/fpfile.txt"
55 openssl x509 -in "${certdata[1]}.crt" -fingerprint -noout -sha512 >> "${MYPWD}/output/fpfile.txt"
56 echo "" >> "${MYPWD}/output/fpfile.txt"
62 if [[ ${certdata[0]} == "CRT" ]] ; then
63 mv "output/${certdata[1]}" "output/crt/${certdata[1]}"
65 mv "output/${certdata[1]}" "output/csr/${certdata[1]}"
71 ls -l output/*/ | grep -v "total"
SomeNet / public repos / tools / certgen.git / blob