Add script for generating self-signed EC certs
This commit is contained in:
parent
0dd308156c
commit
bce4c8c754
33
utils/gen-ec-cert.sh
Normal file
33
utils/gen-ec-cert.sh
Normal file
@ -0,0 +1,33 @@
|
||||
#!/bin/sh
|
||||
usage()
|
||||
{
|
||||
printf "Usage: %s [-c curve] [-d days] domain\n" "${0##*/}" >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
tonumber()
|
||||
{
|
||||
printf "%u\n" "$*"
|
||||
}
|
||||
|
||||
curve=secp384r1
|
||||
days=3650
|
||||
while getopts c:d: flag; do
|
||||
case $flag in
|
||||
c) [ -n "$OPTARG" ] || usage
|
||||
curve=$OPTARG
|
||||
;;
|
||||
d) days=$(tonumber "$OPTARG") || usage
|
||||
;;
|
||||
*) usage
|
||||
;;
|
||||
esac
|
||||
done
|
||||
shift $((OPTIND - 1))
|
||||
[ $# -eq 1 ] && [ -n "$1" ] || usage
|
||||
domain=$1
|
||||
|
||||
(umask 077 && openssl genpkey -aes256 \
|
||||
-algorithm ec -pkeyopt ec_paramgen_curve:"$curve" -out "$domain.key") &&
|
||||
openssl req -new -nodes -x509 -days "$days" -subj "/CN=$domain" \
|
||||
-key "$domain.key" -out "$domain.pem"
|
Loading…
Reference in New Issue
Block a user