Generating SSL
Aller à la navigation
Aller à la recherche
Generate root certificate authority
Create a script genRootCA.sh and run it
#!/bin/bash openssl genrsa -out rootCA.key 2048 # Change O field by your organisation # OU and CN by your Organizational unit # emailAddress by your email openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 -out rootCA.crt \ -subj '/C=FR/ST=Is\xC3\x83\xC2\xA8re/L=Grenoble/O=LIG/OU=FabMSTIC/CN=FabMSTIC/emailAddress=fabmstic.lig@gmail.com' sudo rootCA.crt /usr/local/share/ca-certificates/ sudo update-ca-certificates
Generate site certificate
Create a script genSiteCertificate.sh and run it with the FQDN as argument
#!/bin/bash openssl genrsa -out device.key 2048 # Change O field by your organisation # OU and CN by your Organizational unit # emailAddress by your email openssl req -new -key device.key -out device.csr -subj '/C=FR/ST=Is\xC3\x83\xC2\xA8re/L=Grenoble/O=LIG/OU=FabMSTIC/CN='"$1"'/emailAddress=fabmstic.lig@gmail.com' openssl x509 -req -in device.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out device.crt -days 500 -sha256