1
Self-signed SSL/TLS certificate generation script
Firewall and Security | by dorianniemiec | submitted in September 29, 2024
This script generates self-signed SSL/TLS certificate and private key using OpenSSL.
#!/bin/bash
# Set the certificate details
COUNTRY="US"
STATE="California"
LOCALITY="San Francisco"
ORGANIZATION="Example Inc."
ORGANIZATIONAL_UNIT="IT Department"
COMMON_NAME="example.com"
EMAIL_ADDRESS="admin@example.com"
# Set the certificate validity
VALIDITY_DAYS=365
# Create a new private key
openssl genrsa -out server.key 2048
# Create a certificate signing request (CSR)
openssl req -new -key server.key -out server.csr -subj "/C=$COUNTRY/ST=$STATE/L=$LOCALITY/O=$ORGANIZATION/OU=$ORGANIZATIONAL_UNIT/CN=$COMMON_NAME/emailAddress=$EMAIL_ADDRESS"
# Create a self-signed certificate
openssl x509 -req -in server.csr -signkey server.key -out server.crt -days $VALIDITY_DAYS -subj "/C=$COUNTRY/ST=$STATE/L=$LOCALITY/O=$ORGANIZATION/OU=$ORGANIZATIONAL_UNIT/CN=$COMMON_NAME/emailAddress=$EMAIL_ADDRESS"