Generar certificados válidos

Gracias a esto: https://gist.github.com/cecilemuller/9492b848eb8fe46d462abeb26656c4f8
This commit is contained in:
Cat /dev/Nulo 2021-07-22 15:53:21 +00:00
parent 2bf1868e0f
commit a2a41fe645
2 changed files with 18 additions and 10 deletions

7
domains.ext Normal file
View file

@ -0,0 +1,7 @@
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.1 = sutty.local
DNS.2 = *.sutty.local

View file

@ -81,19 +81,20 @@ generar_certificado() {
echo "Generando certificados..." echo "Generando certificados..."
correr "openssl genpkey -algorithm RSA -pass pass:sutty -out $ca_key" correr "openssl req -x509 -nodes -new -sha256 -days 1024 -newkey rsa:2048 \
correr "openssl req -x509 -new -nodes -key $ca_key -sha256 \ -keyout $ca_key -out $ca_crt.pem -subj '/C=AR/CN=Sutty-Local-CA'"
-passin pass:sutty -passout pass:sutty \ correr "openssl x509 -outform pem -in $ca_crt.pem -out $ca_crt"
-subj '/C=IN/ST=Cyberspace/L=Cyberspace/O=Sutty/OU=Espacio/CN=Sutty Local CA' \
-days 3650 -out $ca_crt"
correr "update-ca-certificates" correr "update-ca-certificates"
correr "openssl req -nodes -newkey rsa:2048 -keyout $domain_key -out $domain_csr \ correr "openssl req -new -nodes -newkey rsa:2048 \
-subj '/C=IN/ST=Cyberspace/L=Cyberspace/O=Sutty/OU=Espacio/CN=sutty.local/CN=*.sutty.local'" -keyout $domain_key -out $domain_csr \
correr "openssl x509 -req -in $domain_csr \ -subj '/C=AR/ST=Ninguno/L=Interdimension/O=Sutty-Local/CN=sutty.local'"
-CA $ca_crt -CAkey $ca_key -CAcreateserial \ correr "openssl x509 -req -sha256 -days 3650 \
-out $domain_crt -days 3650 -sha256" -in $domain_csr -CA $ca_crt.pem -CAkey $ca_key \
-CAcreateserial -extfile /Sutty/haini.sh/domains.ext -out $domain_crt"
rm "$ENTORNO$ca_crt.pem"
echo "Instalando certificados..." echo "Instalando certificados..."
if which update-ca-certificates 2>/dev/null; then if which update-ca-certificates 2>/dev/null; then