fix(ansible): Jenkins Job Exporter
[csit.git] / csit.infra.dash / do_certs.sh
1 #!/usr/bin/env bash
2
3 mkdir -p ./nginx/ssl
4 cd ./nginx/ssl
5
6 FILE_NAME="subdomains.amazonaws.com"
7
8 openssl genrsa -des3 -out CA.key 2048
9
10 openssl req -x509 -new -nodes -key CA.key -sha256 -days 8000 -out CA.pem
11
12 openssl x509 -in CA.pem -inform PEM -out CA.crt
13
14 openssl genrsa -out $FILE_NAME.key 2048
15 openssl req -new -key $FILE_NAME.key -out $FILE_NAME.csr
16
17 cat > $FILE_NAME.ext << EOF
18 authorityKeyIdentifier=keyid,issuer
19 basicConstraints=CA:FALSE
20 keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
21 subjectAltName = @alt_names
22 [alt_names]
23 DNS.1 = *.amazonaws.com
24 DNS.2 = *.us-east-1.amazonaws.com
25 DNS.3 = *.s3.amazonaws.com
26 EOF
27
28 openssl x509 -req -in $FILE_NAME.csr -CA CA.pem -CAkey CA.key -CAcreateserial -out $FILE_NAME.crt -days 8000 -sha256 -extfile $FILE_NAME.ext