创建脚本create_self_signed_cert.sh
#!/usr/bin/env bash
set -e
# Locate shell script path
SCRIPT_DIR=$(dirname $0)
if [ ${SCRIPT_DIR} != '.' ]
then
cd ${SCRIPT_DIR}
fi
# Generate RSA private key 注意修改这里的密码
openssl genrsa -des3 -passout pass:xxx -out server.pass.key 2048
# Remove password in the private key 注意修改这里的密码
openssl rsa -passin pass:xxx -in server.pass.key -out server.key
rm -f server.pass.key
# Generate CSR sign request
SUBJ="$1"
openssl req -new -key server.key -out server.csr -subj "$SUBJ"
# Generate CRT signed cert days:有效期天数
openssl x509 -req -days 36500 -in server.csr -signkey server.key -out server.crt
执行脚本
./create_self_signed_cert.sh "/E=contact@xxx.com/CN=quality.baidu.com/OU=User Experience/O=xxxx/L=Marseille/S=PACA/C=FR"
参考文档:
https://blog.csdn.net/nklinsirui/article/details/89432430
https://github.com/cookcodeblog/OneDayDevOps/blob/master/components/ssl/create_self_signed_cert.sh