blob: 9aeae6859be7d5136bde3182a3484fa94e7efff0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
#!/bin/sh
SECS=1167609600
cd /etc
NVCN=`nvram get https_crt_cn`
if [ "$NVCN" == "" ]; then
NVCN=`nvram get lan_ipaddr`
fi
cp -L openssl.cnf openssl.config
I=0
for CN in $NVCN; do
echo "$I.commonName=CN" >> openssl.config
echo "$I.commonName_value=$CN" >> openssl.config
I=$(($I + 1))
done
# create the key and certificate request
openssl req -new -out /tmp/cert.csr -config openssl.config -keyout /tmp/privkey.pem -newkey rsa:1024 -passout pass:password
# remove the passphrase from the key
openssl rsa -in /tmp/privkey.pem -out key.pem -passin pass:password
# convert the certificate request into a signed certificate
openssl x509 -in /tmp/cert.csr -out cert.pem -req -signkey key.pem -setstartsecs $SECS -days 3653 -set_serial $1
# openssl x509 -in /etc/cert.pem -text -noout
rm -f /tmp/cert.csr /tmp/privkey.pem openssl.config
|
