certificates:create_certificates_using_bash
This is an old revision of the document!
Certificates - Create Certificates using BASH
Create a self-signed SSL Certificates for Apache and Nginx web-servers.
<file bash ssl_create_cert.sh> #!/bin/bash # # USAGE: # chmod +x ./ssl_create_cert.sh # sudo ./ssl_create_cert.sh
################## DECLARE FUNCTIONS ######################
checkRoot() {
if [ $(id -u) -ne 0 ]; then printf "Script must be run as root. Try 'sudo ./ssl_certificate_creater.sh'\n" exit 1 fi
}
checkNeededPackages() {
lst="dialog openssl"
for items in $lst
do
type -P $items &>/dev/null || {
echo -en "\n Package \"$items\" is not installed!"
echo -en "\n Install now? [yes]/[no]: "
read ops
case $ops in
YES|yes|Y|y) sudo apt-get install $items ;;
*) echo -e "\n Exiting..."
exit 1 ;;
esac
}
done
}
setServerName() {
cmd=(dialog --backtitle "arthurgareginyan.com - Create SSL Certificate for NGinX/Apache" \
--inputbox "\n Please enter the URL of your website." 22 76 $__servername)
choices=$("${cmd[@]}" 2>&1 >/dev/tty)
if [ "$choices" != "" ]; then
__servername=$choices
else
break
fi
}
checkServerName() {
if [ "$__servername" = "" ]; then setServerName fi
}
installCertificateNginx() {
dialog --backtitle "sharewiz.net - Create SSL Certificate for NGinX/Apache" \
--title "Create SSL Certificate for NGinX" \
--msgbox "\n We are now going to create a self-signed certificate. While you could simply press ENTER when you are asked for country name etc. or enter whatever you want, it might be beneficial to have the web servers host name in the common name field of the certificate." 20 60
mkdir -p /etc/nginx/ssl
openssl req -new -x509 -days 3650 -nodes -out /etc/nginx/ssl/$__servername.crt -keyout /etc/nginx/ssl/$__servername.key
chmod 600 /etc/nginx/ssl/$__servername.key
dialog --backtitle "sharewiz.net - Create SSL Certificate for NGinX/Apache" \
--title "Create SSL Certificate for NGinX" \
--msgbox "\n Done! Your certificates are available at /etc/nginx/ssl/$__servername.crt & /etc/nginx/ssl/$__servername.key" 20 60
}
installCertificateApache() {
dialog --backtitle "sharewiz.net - Create SSL Certificate for NGinX/Apache" \
--title "Create SSL Certificate for Apache" \
--msgbox "\n We are now going to create a self-signed certificate. While you could simply press ENTER when you are asked for country name etc. or enter whatever you want, it might be beneficial to have the web servers host name in the common name field of the certificate." 20 60
clear
mkdir -p /etc/apache2/ssl
openssl req -new -x509 -days 3650 -nodes -out /etc/apache2/ssl/$__servername.crt -keyout /etc/apache2/ssl/$__servername.key
chmod 600 /etc/apache2/ssl/$__servername.key
dialog --backtitle "sharewiz.net - Create SSL Certificate for NGinX/Apache" \
--title "Create SSL Certificate for Apache" \
--msgbox "\n Done! Your certificates are available at /etc/apache2/ssl/$__servername.crt & /etc/apache2/ssl/$__servername.key" 20 60
}
######################## GO ###############################
checkRoot checkNeededPackages
while true; do
cmd=(dialog --backtitle "sharewiz.net - Create SSL Certificate for NGinX/Apache" \
--title "Create SSL Certificate for NGinX/Apache" \
--menu "You MUST set the server URL (e.g., myaddress.dyndns.org) before starting create certificate. Choose task:" 20 60 15)
options=(1 "Set server URL ($__servername)"
2 "Generate new SSL certificate for NGiNX"
3 "Generate new SSL certificate for Apache"
4 "Exit")
choice=$("${cmd[@]}" "${options[@]}" 2>&1 >/dev/tty)
if [ "$choice" != "" ]; then
case $choice in
1) setServerName ;;
2) checkServerName
installCertificateNginx ;;
3) checkServerName
installCertificateApache ;;
4) clear
exit 0 ;;
esac
else
break
fi
done clear
exit 0 </code>
certificates/create_certificates_using_bash.1589648581.txt.gz · Last modified: 2020/07/15 09:30 (external edit)