agate

Simple gemini server for static files
git clone https://github.com/mbrubeck/agate.git

create_certs.sh (895B)


      1 #!/bin/bash
      2 
      3 mkdir -p example.com example.org
      4 
      5 for domain in "example.com" "example.org"
      6 do
      7 # create private key
      8 openssl genpkey -outform DER -out $domain/key.der -algorithm RSA -pkeyopt rsa_keygen_bits:4096
      9 
     10 # create config file:
     11 # the generated certificates must not be CA-capable, otherwise rustls complains
     12 cat >openssl.conf <<EOT
     13 [req]
     14 default_bits = 4096
     15 distinguished_name = req_distinguished_name
     16 req_extensions = req_ext
     17 prompt = no
     18 
     19 [v3_ca]
     20 basicConstraints = critical, CA:false
     21 
     22 [req_distinguished_name]
     23 commonName = $domain
     24 
     25 [req_ext]
     26 subjectAltName = DNS:$domain
     27 EOT
     28 
     29 openssl req -new -sha256 -out request.csr -key $domain/key.der -keyform DER -config openssl.conf
     30 
     31 openssl x509 -req -sha256 -days 3650 -in request.csr -outform DER -out $domain/cert.der \
     32 	-extensions req_ext -extfile openssl.conf -signkey $domain/key.der -keyform DER
     33 done
     34 
     35 # clean up
     36 rm openssl.conf request.csr