63 lines
1.4 KiB
Bash
Executable File
63 lines
1.4 KiB
Bash
Executable File
#!/bin/sh
|
|
|
|
RST=$(tput sgr0)
|
|
RED=$(tput setaf 1)
|
|
GREEN=$(tput setaf 2)
|
|
YELLOW=$(tput setaf 3)
|
|
BOLD=$(tput bold)
|
|
|
|
set -e
|
|
|
|
usage() {
|
|
>&2 echo "usage: $0 client_name"
|
|
exit 1
|
|
}
|
|
|
|
echoinfo() {
|
|
echo "${CYAN}$@${RST}"
|
|
}
|
|
|
|
echoerr() {
|
|
echo "${RED}${BOLD}error:${RST}${RED} $@${RST}"
|
|
}
|
|
|
|
askpass() {
|
|
prompt="$1"
|
|
passvar="$2"
|
|
|
|
while true; do
|
|
echo -n "$prompt "
|
|
read -s $passvar
|
|
|
|
if [ ${#password} -ge 4 ]; then
|
|
echo
|
|
break
|
|
else
|
|
echoerr "Password must be at least 4 characters long."
|
|
fi
|
|
done
|
|
}
|
|
|
|
dir=$(CDPATH= cd -- "$(dirname -- "$0")" && pwd -P)
|
|
email="admin@example.org"
|
|
orgname="org_name"
|
|
common_name="example.org"
|
|
|
|
client_name="$1"
|
|
[ $# -lt 1 ] && usage
|
|
|
|
askpass "Enter your key password:" password
|
|
askpass "Enter your export password:" exportpassword
|
|
|
|
openssl genrsa -des3 -out $client_name.key -passout pass:$password 4096
|
|
openssl req -new -key $client_name.key -out $client_name.csr -passin pass:$password \
|
|
-subj "/C=RU/ST=MOSCOW/L=/O=$orgname/OU=/CN=$common_name/emailAddress=$email"
|
|
|
|
echo "${YELLOW}Now you will be asked for CA private key password.${RST}"
|
|
openssl x509 -req -days 1825 -in "$client_name.csr" -CA "$dir/ca.crt" -CAkey "$dir/ca.key" -set_serial 01 -out "$client_name.crt"
|
|
|
|
openssl pkcs12 -export -clcerts -in $client_name.crt -inkey $client_name.key -out $client_name.p12 \
|
|
-passin pass:$password -passout pass:$exportpassword
|
|
|
|
echo "${GREEN}Done! Your certificate is saved to ${BOLD}$client_name.p12${RST}"
|