サーバー証明書

[English]

 

1.自己証明証明書を作成するシェル

!/bin/sh

CN=******.co.jp
PASSWORD=abcdefgxyz
IP=127.0.0.1

echo subjectAltName = DNS:$CN, IP:$IP > subjectname.txt

SJ="/C=JP/ST=Tokyo/L=Minato-ku/O=****/OU=****/CN=$CN"

openssl genrsa -des3 -passout pass:${PASSWORD} -out ${CN}.key 2048

openssl rsa -passin pass:${PASSWORD} -in ${CN}.key -out ${CN}.key

openssl req -new -sha256 -key ${CN}.key -out ${CN}.csr -subj "$SJ"

#openssl req -noout -text -in ${CN}.csr

#openssl req -x509 -in ${CN}.csr -key ${CN}.key -out ${CN}.crt -days 3650
openssl x509 -days 3650 -req -extfile subjectname.txt -signkey  ${CN}.key < $CN.csr > $CN.crt

#CHANGE CSR to PFX
openssl pkcs12 -export -in ${CN}.crt -inkey ${CN}.key -out ${CN}.pfx -passout pass:${PASSWORD}