add script to generate CSR's with subjectAltName

author Ralf Jung <post@ralfj.de>

Sun, 6 Dec 2015 16:14:41 +0000 (17:14 +0100)

committer Ralf Jung <post@ralfj.de>

Sun, 6 Dec 2015 16:14:41 +0000 (17:14 +0100)
author Ralf Jung <post@ralfj.de>
Sun, 6 Dec 2015 16:14:41 +0000 (17:14 +0100)
committer Ralf Jung <post@ralfj.de>
Sun, 6 Dec 2015 16:14:41 +0000 (17:14 +0100)
diff --git a/gencsr.sh b/gencsr.sh

new file mode 100755 (executable)

index 0000000..a419359
--- /dev/null
+++ b/gencsr.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+set -e
+## ./gencsr.sh KEY.key DOMAIN1 DOMAIN2: Generate (to stdout) a CSR for this key, for all the domains listed later
+
+KEY="$1"
+shift
+
+test -f "$KEY" || (echo "Usage: $0 KEY.key DOMAIN1 DOMAIN2"; exit 1)
+
+openssl req -new -sha256 -key "$1" -subj "/" -reqexts SAN \
+  -config <(cat /etc/ssl/openssl.cnf \
+  <(echo "[SAN]"; echo -n "subjectAltName="; unset COMMA; \
+    for domain in "$@"; do test -n "$COMMA" && echo -n ","; echo -n "DNS:$domain"; COMMA=1; done; echo) \
+  )
author	Ralf Jung <post@ralfj.de>
	Sun, 6 Dec 2015 16:14:41 +0000 (17:14 +0100)
committer	Ralf Jung <post@ralfj.de>
	Sun, 6 Dec 2015 16:14:41 +0000 (17:14 +0100)