#!/bin/bash
#===============================================================================
# Ergis Kocumi v_3.0 of the script
# FILE: genSSL_V3.sh
#
# USAGE: ./genSSL_V3.sh
#===============================================================================
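# Variables go here.
# Flag read by the main section: printCSR is only called while it is 0.
XFOUND=0
# Edit the values below to replace them with your own.
# NOTE(review): none of these fields is referenced by the openssl commands
# visible in this file (openssl req is invoked without -subj), so as written
# they do not influence the generated certificate. Confirm how parseSubject
# is meant to consume them.
homedir=''
yourdomain=''
country=
state=
locality=
organization=" "
organizationalunit=""
san="IP.1= "
# OS is declared here and will be used in the next version of the script.
# grep -E replaces egrep, which current GNU grep reports as obsolescent.
OS=$(grep -Eio 'Redhat|centos|fedora|ubuntu' /etc/issue)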
### function declarations ###
#######################################
# Print a progress line for each step, in the manner of a DEBUG trace.
# Arguments: $@ - message text
# Outputs:   newline, "INFO", tab, message, tab on stdout; there is no
#            trailing newline, so a later "[DONE]" lands on the same line.
#######################################
info() {
  local -r tag="INFO"
  printf '\n%s\t%s\t' "$tag" "$@"
}
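#######################################
# Report an error and stop the script.
# Arguments: $@ - message text, joined with spaces into a single line
# Outputs:   newline, "ERROR", tab, message on stderr, so the diagnostic
#            stays out of any captured or redirected stdout
# Returns:   does not return; exits the shell with status 1
#######################################
fatal() {
  # "$*" keeps a multi-word message on one line; "$@" would make printf
  # re-apply the format string for every extra argument.
  printf '\n%s\t%s\n' "ERROR" "$*" >&2
  exit 1
}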
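#######################################
# Print the CA certificate and the CA private key to stdout.
# Despite the name, no CSR is read here: the files are CAcert.pem and
# CAkey.pem in the current directory.
# NOTE(security): genCA_Certs creates CAkey.pem without a cipher option, so
# the key printed here is unencrypted. Anything that records stdout
# (terminal scrollback, a CI job log, a pipe into tee) ends up holding the
# CA private key. Treat such output as key material.
# Outputs:   banner lines, the certificate, the key
# Returns:   calls fatal (exit 1) when either file is missing or empty
#######################################
printCSR() {
  # -s rather than -e: a zero-length file left by an interrupted run must not
  # be reported as a successfully generated certificate or key.
  if [[ -s CAcert.pem && -s CAkey.pem ]]; then
    printf '\n\n%s\n' "----------------------------CRT-----------------------------"
    cat CAcert.pem
    printf '\n%s\n' "----------------------------KEY-----------------------------"
    cat CAkey.pem
    printf '%s\n\n' "------------------------------------------------------------"
  else
    fatal "CSR or KEY generation failed !!"
  fi
}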
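#######################################
# Create a self-signed root CA in the current directory: a 4096-bit RSA key
# (CAkey.pem) and a certificate valid for 3650 days (CAcert.pem).
# NOTE(security): genrsa is called without a cipher option, so CAkey.pem is
# stored unencrypted and file permissions are its only protection.
# Outputs:   progress lines via info, "[DONE]" after each successful step
# Returns:   calls fatal (exit 1) when either openssl step fails
#######################################
genCA_Certs() {
  # STEP 1: create the key the CA will use for signing.
  info "Generate RootCA Private Key"
  # The subshell keeps the umask change local. umask 077 stops the key from
  # being created group/world readable, and chmod covers a CAkey.pem that
  # already existed with looser permissions.
  if (umask 077 && openssl genrsa -out CAkey.pem 4096 2>/dev/null && chmod 600 CAkey.pem); then
    printf '%s' "[DONE]"
  else
    fatal "Unable to Generate RootCA Private key"
  fi

  # STEP 2: generate the root CA certificate with the key from step 1.
  info "Generate RootCA Certificate"
  # NOTE(review): -extensions v3_ca assumes the openssl configuration in use
  # defines a v3_ca section. Confirm on the target system.
  # stderr is deliberately left attached here. The original author noted that
  # after adding `2>/dev/null && echo -n "[DONE]" || fatal ...` to this
  # command the program stopped working, and did not know why. Presumably this
  # is because openssl req is run without -subj and writes its interactive
  # subject prompts to stderr, so silencing stderr hides the prompts while the
  # command waits for input. Confirm before redirecting.
  if openssl req -new -x509 -days 3650 -extensions v3_ca -key CAkey.pem -out CAcert.pem; then
    printf '%s' "[DONE]"
  else
    fatal "Unable to Generate RootCA Certificate"
  fi
}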
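### START MAIN ###
# NOTE(review): neither parseSubject nor $subj is defined in the visible part
# of this file. If nothing else supplies them, bash reports "command not
# found" for this line and the script carries on. Confirm.
parseSubject "$subj"
genCA_Certs
# Quoted so the flag value cannot word-split or glob inside the test.
if [ "$XFOUND" -eq 0 ]; then
  # Short pause before the certificate and key are dumped to the terminal.
  sleep 2
  # NOTE(security): printCSR writes the CA private key to stdout. Avoid
  # running this script where stdout is logged or shared.
  printCSR
fi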