Add Linux/GenMultiDomainSelfSignedCert.sh

2023-11-16 23:26:33 +01:00
parent d76edd80bf
commit 0638efa018
1 changed files with 54 additions and 0 deletions
--- a/Linux/GenMultiDomainSelfSignedCert.sh
+++ b/Linux/GenMultiDomainSelfSignedCert.sh
@@ -0,0 +1,54 @@
+#!/bin/bash
+#Generate mutidomain self-signed certificate
+##brammp 2023##
+
+HostName=$(hostname)
+IPAddress=$(hostname -i)
+ServiceName=xRDP
+
+#OpenSSL Config
+cat <<EOF > customopenssl.cnf
+[req]
+distinguished_name = req_distinguished_name
+# The extensions to add to the self signed cert
+x509_extensions = v3_ca
+# Run non-interactively
+prompt = no
+#distinguished_name = req_distinguished_name
+#req_extensions     = req_ext
+
+[req_distinguished_name]
+# Certificate subject
+countryName = NL
+#stateOrProvinceName =
+#localityName = Sunnyvale
+organizationName = Home
+#organizationalUnitName =
+commonName = $ServiceName
+#emailAddress =
+
+[v3_ca]
+# Extensions for a typical CA - PKIX recommendation.
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always, issuer
+basicConstraints = CA:true
+
+[ v3_req ]
+# Extensions to add to a certificate request
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+subjectAltName = @alt_names
+
+[alt_names]
+DNS.1 = $HostName
+DNS.2 = $IPAddress
+EOF
+
+#Generate Cert
+openssl genrsa -out key.pem 2048
+openssl req -new -out csr.pem -key key.pem -config customopenssl.cnf
+openssl x509 -req -days 3650 -in csr.pem -signkey key.pem -out cert.pem -extensions v3_req -extfile customopenssl.cnf
+
+
+# Cleanup
+rm -f customopenssl.cnf csr.pem