frostfs-dev-env/services/storage/generate_cert.sh

27 lines
768 B
Bash
Raw Normal View History

#!/bin/bash
source bin/helper.sh
WORKDIR=$(dirname "$0")
LOCAL_DOMAIN=$1
SSL_CONFIG=$(mktemp)
CERT="${WORKDIR}/s04tls.crt"
KEY="${WORKDIR}/s04tls.key"
if [[ ! -f ${CERT} ]]; then
(
echo "[req]"; \
echo "distinguished_name=req"; \
echo "req_extensions=san"; \
echo "[san]"; \
echo "subjectAltName=DNS:s04.${LOCAL_DOMAIN}"
) > ${SSL_CONFIG}
openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes \
-subj "/C=RU/ST=SPB/L=St.Petersburg/O=TrueCloudLab/OU=TrueCloudLab/CN=s04.${LOCAL_DOMAIN}" \
-keyout "${KEY}" -out "${CERT}" -extensions san -config "${SSL_CONFIG}" &> /dev/null || {
die "Failed to generate SSL certificate for s04"
}
fi