1#!/bin/bash
2
3if ! [[ "$0" =~ "./gencerts.sh" ]]; then
4 echo "must be run from 'fixtures'"
5 exit 255
6fi
7
8if ! which cfssl; then
9 echo "cfssl is not installed"
10 exit 255
11fi
12
13cfssl gencert --initca=true ./ca-csr.json | cfssljson --bare ./ca
14mv ca.pem ca.crt
15openssl x509 -in ca.crt -noout -text
16
17# generate DNS: localhost, IP: 127.0.0.1, CN: example.com certificates
18cfssl gencert \
19 --ca ./ca.crt \
20 --ca-key ./ca-key.pem \
21 --config ./gencert.json \
22 ./server-ca-csr.json | cfssljson --bare ./server
23mv server.pem server.crt
24mv server-key.pem server.key.insecure
25
26rm -f *.csr *.pem *.stderr *.txt
View as plain text