Add script for generating self-signed EC certs

This commit is contained in:
Lucas 2020-02-13 02:59:09 +00:00
parent 0dd308156c
commit bce4c8c754

33
utils/gen-ec-cert.sh Normal file
View File

@ -0,0 +1,33 @@
#!/bin/sh
usage()
{
printf "Usage: %s [-c curve] [-d days] domain\n" "${0##*/}" >&2
exit 1
}
tonumber()
{
printf "%u\n" "$*"
}
curve=secp384r1
days=3650
while getopts c:d: flag; do
case $flag in
c) [ -n "$OPTARG" ] || usage
curve=$OPTARG
;;
d) days=$(tonumber "$OPTARG") || usage
;;
*) usage
;;
esac
done
shift $((OPTIND - 1))
[ $# -eq 1 ] && [ -n "$1" ] || usage
domain=$1
(umask 077 && openssl genpkey -aes256 \
-algorithm ec -pkeyopt ec_paramgen_curve:"$curve" -out "$domain.key") &&
openssl req -new -nodes -x509 -days "$days" -subj "/CN=$domain" \
-key "$domain.key" -out "$domain.pem"