ssl-gen/gen-root.sh

40 lines
1.1 KiB
Bash
Raw Normal View History

2024-07-05 15:44:48 +05:00
#!/bin/bash
set -e
ROOTCA_DIR="./rootCA"
ROOTCA_KEY="$ROOTCA_DIR/rootCA.key"
ROOTCA_PEM="$ROOTCA_DIR/rootCA.pem"
ROOTCA_SRL="$ROOTCA_DIR/rootCA.srl"
# Check if the rootCA directory and files exist
if [ -f "$ROOTCA_KEY" ] && [ -f "$ROOTCA_PEM" ]; then
echo "Certificates already exist."
read -p "Do you want to overwrite them? (y/n): " -n 1 -r
echo
if [[ $REPLY =~ ^[Yy]$ ]]; then
# Create backup directory with timestamp
current_datetime=$(date +"%Y%m%d_%H%M%S")
BACKUP_DIR="./$ROOTCA_DIR/bak_$current_datetime"
mkdir -p "$BACKUP_DIR"
mv "$ROOTCA_KEY" "$ROOTCA_PEM" "$BACKUP_DIR"
if [ -e "$ROOTCA_SRL" ]; then
mv "$ROOTCA_SRL" "$BACKUP_DIR"
fi
echo "Old certificates moved to $BACKUP_DIR."
else
echo "Operation cancelled by the user."
exit 0
fi
fi
# Create rootCA directory if it does not exist
mkdir -p "$ROOTCA_DIR"
# Generate new certificates
openssl genrsa -out "$ROOTCA_KEY" 2048
openssl req -x509 -new -nodes -key "$ROOTCA_KEY" -sha256 -days 1024 -out "$ROOTCA_PEM"
echo "rootCA created."