6 FILE_NAME="subdomains.amazonaws.com"
8 openssl genrsa -des3 -out CA.key 2048
10 openssl req -x509 -new -nodes -key CA.key -sha256 -days 8000 -out CA.pem
12 openssl x509 -in CA.pem -inform PEM -out CA.crt
14 openssl genrsa -out $FILE_NAME.key 2048
15 openssl req -new -key $FILE_NAME.key -out $FILE_NAME.csr
17 cat > $FILE_NAME.ext << EOF
18 authorityKeyIdentifier=keyid,issuer
19 basicConstraints=CA:FALSE
20 keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
21 subjectAltName = @alt_names
23 DNS.1 = *.amazonaws.com
24 DNS.2 = *.us-east-1.amazonaws.com
25 DNS.3 = *.s3.amazonaws.com
28 openssl x509 -req -in $FILE_NAME.csr -CA CA.pem -CAkey CA.key -CAcreateserial -out $FILE_NAME.crt -days 8000 -sha256 -extfile $FILE_NAME.ext