40 lines
1.1 KiB
Bash
40 lines
1.1 KiB
Bash
#!/bin/bash
|
|
|
|
set -e
|
|
|
|
ROOTCA_DIR="./rootCA"
|
|
ROOTCA_KEY="$ROOTCA_DIR/rootCA.key"
|
|
ROOTCA_PEM="$ROOTCA_DIR/rootCA.pem"
|
|
ROOTCA_SRL="$ROOTCA_DIR/rootCA.srl"
|
|
|
|
# Check if the rootCA directory and files exist
|
|
if [ -f "$ROOTCA_KEY" ] && [ -f "$ROOTCA_PEM" ]; then
|
|
echo "Certificates already exist."
|
|
read -p "Do you want to overwrite them? (y/n): " -n 1 -r
|
|
echo
|
|
if [[ $REPLY =~ ^[Yy]$ ]]; then
|
|
# Create backup directory with timestamp
|
|
current_datetime=$(date +"%Y%m%d_%H%M%S")
|
|
BACKUP_DIR="./$ROOTCA_DIR/bak_$current_datetime"
|
|
mkdir -p "$BACKUP_DIR"
|
|
mv "$ROOTCA_KEY" "$ROOTCA_PEM" "$BACKUP_DIR"
|
|
|
|
if [ -e "$ROOTCA_SRL" ]; then
|
|
mv "$ROOTCA_SRL" "$BACKUP_DIR"
|
|
fi
|
|
|
|
echo "Old certificates moved to $BACKUP_DIR."
|
|
else
|
|
echo "Operation cancelled by the user."
|
|
exit 0
|
|
fi
|
|
fi
|
|
|
|
# Create rootCA directory if it does not exist
|
|
mkdir -p "$ROOTCA_DIR"
|
|
|
|
# Generate new certificates
|
|
openssl genrsa -out "$ROOTCA_KEY" 2048
|
|
openssl req -x509 -new -nodes -key "$ROOTCA_KEY" -sha256 -days 1024 -out "$ROOTCA_PEM"
|
|
|
|
echo "rootCA created." |