more

54270fda · Raymond Kristiansen · 47a4201c · 54270fda · 54270fda · 54270fda
Commit 54270fda authored Jul 11, 2016 by Raymond Kristiansen
--- a/cnf/dashboard.local1.intern.cnf
+++ b/cnf/dashboard.local1.intern.cnf
+[ req ]
+default_bits = 2048
+prompt = no
+encrypt_key = no
+default_md = sha256
+distinguished_name = dn
+utf8 = yes
+req_extensions = v3_req
+
+[ v3_req ]
+subjectAltName = @alt_names
+
+[ dn ]
+C = NO
+O = UH-IaaS
+CN = dashboard.local1.intern
+
+[alt_names]
+DNS.1 = api.local1.intern
--- a/cnf/example.cnf
+++ b/cnf/example.cnf
+[ req ]
+default_bits = 2048
+prompt = no
+encrypt_key = no
+default_md = sha256
+distinguished_name = dn
+utf8 = yes
+req_extensions = v3_req
+
+[ v3_req ]
+subjectAltName = @alt_names
+
+[ dn ]
+C = NO
+O = Universitetet_i_Bergen
+CN = servernavn.uib.no
+
+[alt_names]
+DNS.1 = altnavn1.uib.no
+DNS.2 = altnavn2.uib.no
--- a/gen_server_cert.sh
+++ b/gen_server_cert.sh
+#/bin/bash
+
+host=$1
+cnf="cnf/${host}.cnf"
+
+if [ -f "cnf/${host}.cnf" ]; then
+  cnf="cnf/${host}.cnf"
+else
+  cnf="intermediate/openssl.cnf"
+fi
+
+echo "Using ${cnf} as config file"
+
+openssl genrsa -out intermediate/private/${host}.key.pem 2048
+
+
+openssl req -config ${cnf} -key intermediate/private/${host}.key.pem -new -sha256 -out intermediate/csr/${host}.csr.pem
+
+openssl ca -config intermediate/openssl.cnf -extensions v3_req \
+  -days 375 -notext -md sha256 -in intermediate/csr/${host}.csr.pem \
+  -out intermediate/certs/${host}.cert.pem