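#!/bin/bash
# Author: mos
# Script Name: mos_ca.sh
# Date & time: 2013-01-06/23:05:35
# version: 1.0.2
# Description:
#   Builds a small private CA with openssl and issues a demo certificate.
#
#   mos_ca.sh        configure openssl.cnf, create the CA, issue the demo cert
#   mos_ca.sh -n     issue the demo cert only
#   mos_ca.sh -s     configure openssl.cnf, create demo key + CSR (no signing)
#   mos_ca.sh -ca    configure openssl.cnf and create the CA only
#   mos_ca.sh -o     sign "${other}.csr" into "${other}.crt"
#
#   Overrides are read from /etc/sysconfig/mos_ca.conf:
#   cnf dir cny pve cty bis bnh host em ddir dname dhost de other
#
# NOTE(review): this listing was restored from a copy whose letter case and
# spacing were mangled. Option spellings (-n/-s/-ca/-o), the /etc/pki/CA/
# path and the default values below should be confirmed against the original.

CONF_FILE=/etc/sysconfig/mos_ca.conf
# The overrides file is sourced, i.e. executed with this script's privileges
# (normally root). Keep it root-owned and not writable by group or other.
[ -f "$CONF_FILE" ] && . "$CONF_FILE"

# Print a message on stderr and abort.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Run a command silently; replay its combined output on stderr only when it
# fails, so openssl errors are no longer discarded by a blanket &>/dev/null.
run_quiet() {
  local out
  if ! out=$("$@" 2>&1); then
    printf '%s\n' "$out" >&2
    return 1
  fi
}

# Escape a value for use in the replacement part of a sed "s@..@..@" command,
# so '@', '&' and '\' coming from the config file cannot alter the expression.
sed_escape() {
  printf '%s' "$1" | sed -e 's/[\\&@]/\\&/g'
}

# Back up openssl.cnf and write the CA directory and the subject defaults.
# Globals: cnf dir cny pve cty bis bnh (read, defaults applied)
# Returns: 0 on success, 1 if the config file is missing or cannot be edited
Config() {
  cnf=${cnf:-/etc/pki/tls/openssl.cnf}
  dir=${dir:-/etc/pki/CA/}
  dir=${dir%/}/ # the rest of the script appends names directly to $dir
  cny=${cny:-CN}
  pve=${pve:-henan}
  cty=${cty:-zhengzhou}
  bis=${bis:-youguess}
  bnh=${bnh:-tech}

  [ -f "$cnf" ] || {
    printf 'openssl config not found: %s\n' "$cnf" >&2
    return 1
  }
  cp -- "$cnf" "$cnf.$(date +%F-%T).bak" || return 1

  local e_dir e_cny e_pve e_cty e_bis e_bnh
  e_dir=$(sed_escape "$dir")
  e_cny=$(sed_escape "$cny")
  e_pve=$(sed_escape "$pve")
  e_cty=$(sed_escape "$cty")
  e_bis=$(sed_escape "$bis")
  e_bnh=$(sed_escape "$bnh")

  # stateOrProvinceName_default and organizationalUnitName_default may still
  # be commented out; the optional leading '#' handles both states, so the
  # edit is repeatable and no longer depends on an unquoted `[ $opn = s ]`.
  sed -i \
    -e "s@^\(dir.*=[[:space:]]\).*@\1${e_dir}@" \
    -e "s@^\(countryName_default.*=[[:space:]]\).*@\1${e_cny}@" \
    -e "s@^#\{0,1\}\(stateOrProvinceName_default.*=[[:space:]]\).*@\1${e_pve}@" \
    -e "s@^\(localityName_default.*=[[:space:]]\).*@\1${e_cty}@" \
    -e "s@^\(0\.organizationName_default.*=[[:space:]]\).*@\1${e_bis}@" \
    -e "s@^#\{0,1\}\(organizationalUnitName_default[[:space:]]*=\).*@\1 ${e_bnh}@" \
    "$cnf"
}

# Create the CA directory layout, a 2048-bit CA key and a self-signed
# certificate valid for 3650 days.
# Globals: dir host em (read, defaults applied)
# Returns: 0 on success, 1 on the first failing step
Create_ca() {
  dir=${dir:-/etc/pki/CA/}
  dir=${dir%/}/
  host=${host:-ca.mos.com}
  em=${em:-root@mos.com}

  mkdir -p -- "${dir}crl" "${dir}newcerts" "${dir}certs" || return 1
  mkdir -p -m 700 -- "${dir}private" || return 1
  [ -f "${dir}index.txt" ] || touch -- "${dir}index.txt" || return 1
  # `openssl ca` needs a hex serial number in this file; a missing or blank
  # one makes every later signing step fail.
  grep -Eq '^[0-9A-Fa-f]+$' "${dir}serial" 2>/dev/null ||
    printf '01\n' >"${dir}serial" || return 1

  # umask 077 keeps the key unreadable to other users from the moment it is
  # created. The key is written without a passphrase, so file permissions
  # are its only protection.
  (
    umask 077
    run_quiet openssl genrsa -out "${dir}private/cakey.pem" 2048
  ) || return 1

  # Five empty answers accept the subject defaults written by Config; the
  # last two answers are the common name and the e-mail address.
  printf '\n\n\n\n\n%s\n%s\n' "$host" "$em" |
    run_quiet openssl req -x509 -new -key "${dir}private/cakey.pem" \
      -out "${dir}cacert.pem" -days 3650
}

# Create the CA, asking first when a CA key already exists. On "y" the
# current contents of $dir are moved into a timestamped backup directory.
# Globals: dir (read, default applied)
Create() {
  dir=${dir:-/etc/pki/CA/}
  dir=${dir%/}/
  local stamp backup choice item

  # Test the key under $dir, not a fixed path, so an overridden dir is honoured.
  if [ ! -f "${dir}private/cakey.pem" ]; then
    Create_ca
    return
  fi

  read -r -p 'CA existe,continue? Y:move file; N->Quit. [y|n]' choice
  case $choice in
    y | Y)
      stamp=$(date +%F-%H:%M:%S)
      backup="${dir}${stamp}tmp"
      # The backup holds the previous CA private key: keep it owner-only.
      mkdir -p -m 700 -- "$backup" || return 1
      for item in "$dir"*; do
        [ -e "$item" ] || continue
        [ "$item" = "$backup" ] && continue # never move the backup into itself
        mv -- "$item" "$backup/" || return 1
      done
      Create_ca
      ;;
    n | N)
      exit 0
      ;;
    *)
      echo "Error input ..."
      exit 1
      ;;
  esac
}

# Generate the demo key and CSR and, unless the script runs with -s, sign
# the CSR with the CA for 365 days.
# Globals: ddir dname dhost de Set (read)
Create_crt() {
  local key="${ddir}${dname}.key"
  local csr="${ddir}${dname}.csr"
  local crt="${ddir}${dname}.crt"

  # 2048 bits, matching the CA key; 1024-bit RSA is too weak for new keys.
  (
    umask 077
    run_quiet openssl genrsa -out "$key" 2048
  ) || return 1

  # Defaults for the first five subject fields, then common name and e-mail,
  # then empty answers for the remaining prompts of `req -new`.
  printf '\n\n\n\n\n%s\n%s\n\n\n\n' "$dhost" "$de" |
    run_quiet openssl req -new -key "$key" -out "$csr" || return 1

  [[ $Set == "-s" ]] && return 0

  # Both confirmation prompts of `openssl ca` are answered automatically.
  printf 'y\ny\n' |
    run_quiet openssl ca -in "$csr" -out "$crt" -days 365
}

# Issue the demo certificate, asking first when demo files already exist.
# On "y" the existing key, CSR and certificate are moved into a timestamped
# backup directory.
# Globals: ddir dname dhost de (read, defaults applied)
Demo_crt() {
  ddir=${ddir:-/opt/mos_demo/}
  ddir=${ddir%/}/
  dname=${dname:-demo}
  dhost=${dhost:-demo.mos.com}
  de=${de:-root@mos.com}
  local base="${ddir}${dname}"
  local stamp backup answer ext

  mkdir -p -- "$ddir" || return 1

  if [[ ! -f $base.key && ! -f $base.csr && ! -f $base.crt ]]; then
    Create_crt
    return
  fi

  read -r -p "Demo certificate existe, Continue? Y:move file; N:quit. [y|n]" answer
  case $answer in
    y | Y)
      stamp=$(date +%F-%H:%M:%S)
      backup="${ddir}${stamp}tmp"
      # The backup holds the previous private key: keep it owner-only.
      mkdir -p -m 700 -- "$backup" || return 1
      for ext in key csr crt; do
        [ -e "$base.$ext" ] || continue
        mv -- "$base.$ext" "$backup/" || return 1
      done
      Create_crt
      ;;
    n | N)
      exit 0
      ;;
    *)
      echo "Error input ..."
      return 1
      ;;
  esac
}

Set=$1
if [ -n "${2:-}" ]; then
  die "Error,invalid option!"
fi

# Exact matching: an unanchored regex would also accept arguments that only
# contain one of the option strings.
case $Set in
  '')
    Config && Create && Demo_crt
    ;;
  -n)
    Demo_crt
    ;;
  -s)
    Config && Demo_crt
    ;;
  -ca)
    Config && Create
    ;;
  -o)
    [ -n "${other:-}" ] || die "Error: 'other' (CSR path without .csr) is not set"
    [ -f "$other.csr" ] || die "Error: $other.csr not found"
    # The CSR is signed without anyone seeing its subject or extensions, so
    # it must come from a trusted source. Inspect it beforehand with
    # `openssl req -in FILE -noout -text`.
    printf 'y\ny\n' |
      run_quiet openssl ca -in "$other.csr" -out "$other.crt" -days 365
    ;;
  *)
    die "Error,invalid option!"
    ;;
esac
exit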