4 # gencert - generate certificates
7 # ./gencert [-fh] [-D days] [-d destdir] hostname
10 # A simple script to generate self-signed X.509 certificates for
13 # The option are as follows:
14 # -D Specify the number of days the certificate
15 # will be valid for. Use 365 (a year) by default.
16 # -d Save the certificates to the given directory.
17 # By default the current directory is used.
18 # -f Forcefully overwrite existing certificates
20 # -h Display usage and exit.
26 progname="$(basename -- "$0")"
29 echo "usage: $progname [-fh] [-d destdir] [-D days] hostname" >&2
30 echo "Please read the comment at the top of $0 for the usage." >&2
38 while getopts "D:d:fh" flag; do
41 d) destdir="${OPTARG%/}" ;;
48 shift $(($OPTIND - 1))
54 if [ ! -d "${destdir}" ]; then
55 echo "${progname}: ${destdir} is not a directory." >&2
60 pem="${destdir}/${hostname}.pem"
61 key="${destdir}/${hostname}.key"
63 if [ -f "$pem" -o -f "$key" ]; then
64 if [ $force = no ]; then
66 printf "Overwrite existing certificate $pem? [y/n] "
67 if ! read -r reply; then
72 [yY]) echo "overwriting"; break ;;
73 [nN]) echo "quitting"; exit 0 ;;
93 echo "Generated files:"
94 echo " $pem : certificate"
95 echo " $key : private key"