myca-tools/bin/init-ca.sh
2025-08-20 16:14:31 +01:00


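#!/usr/bin/env bash
# Initialise a simple local root CA: an RSA-4096 key and a self-signed
# certificate.
#
# Usage:   init-ca.sh [SUBJECT]
#   SUBJECT   full OpenSSL subject string handed to `-subj`
#             (default: "/CN=Local Development Root CA")
# Environment:
#   MYCA_DIR  CA directory (default: /etc/ssl/myca)
#   DAYS      certificate validity in days (default: 3650)
# Exit status: 0 on success; 1 if a CA key or certificate already exists,
#              DAYS is not a positive integer, or any command fails.
#
# Security notes:
#   - genrsa is called without a cipher option, so the root key is stored
#     without a passphrase; file permissions are its only protection.
#   - The key lives directly in $MYCA_DIR (mode 755), not in the mode-700
#     private/ directory this script creates. The path is kept as is because
#     other tooling may read it from here.
#   - NOTE(review): no -extensions/-addext is passed, so CA extensions such
#     as basicConstraints come from whichever openssl.cnf is in effect.
#     Confirm the resulting certificate is marked as a CA.
set -euo pipefail

MYCA_DIR="${MYCA_DIR:-/etc/ssl/myca}"
CN="${1:-/CN=Local Development Root CA}"
DAYS="${DAYS:-3650}"

key_file="$MYCA_DIR/myCA.key"
cert_file="$MYCA_DIR/myCA.pem"

# Reject a malformed validity period before touching the filesystem.
if [[ ! "$DAYS" =~ ^[1-9][0-9]*$ ]]; then
  printf 'DAYS must be a positive integer, got: %s\n' "$DAYS" >&2
  exit 1
fi

install -d -m 755 "$MYCA_DIR" "$MYCA_DIR/certs" "$MYCA_DIR/csrs" "$MYCA_DIR/exts"
install -d -m 700 "$MYCA_DIR/private"

# Never overwrite existing CA material: replacing the root key would
# invalidate every certificate already issued under it.
if [[ -e "$key_file" || -e "$cert_file" ]]; then
  printf '%s\n' "CA already exists in $MYCA_DIR" >&2
  exit 1
fi

# From here on both files belong to this run. If a later step fails, remove
# them so no orphaned key is left behind and a re-run is not blocked by the
# existence check above.
ca_complete=0
cleanup_partial() {
  if (( ! ca_complete )); then
    rm -f -- "$key_file" "$cert_file"
  fi
}
trap cleanup_partial EXIT

# Create the key owner-only from the first byte. Without this, a permissive
# umask (commonly 022) can leave the key world-readable in the 755 directory
# until the chmod below runs; do not rely on the openssl binary picking a
# safe mode by itself.
umask 077
openssl genrsa -out "$key_file" 4096
chmod 600 "$key_file"

openssl req -x509 -new -nodes -key "$key_file" -sha256 -days "$DAYS" \
  -out "$cert_file" -subj "$CN"
# The certificate is public; widen it again after the restrictive umask.
chmod 644 "$cert_file"

ca_complete=1
printf '%s\n' "Root CA created: $cert_file"
printf '%s\n' "Private key: $key_file"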