- Charles Watkins
- Watkins Labs
This script manages SSL certificates and Certificate Authorities (CAs). It provides various functionalities such as listing certificate authorities, deploying a CA to a remote server, installing a CA on a remote server, creating SSL certificates, deploying SSL certificates to servers, and copying the public key to a remote host for passwordless access.
To run the script, execute it in a terminal. You can either choose an action from the menu displayed or provide the choice as a command line argument.
./cert.sh [choice]
# OR
[nd@nd-box-watkinslabs-com CA]$ ./cert.sh
SSL Certificate Management Menu:
1. List Certificate Authorities
2. Deploy CA to Remote Server
3. Install CA on Remote Server
4. Install CA locally/Update CA Trust
5. Create SSL Certificate
6. Deploy SSL Certificate to Server
7. Copy Public key to Remote Server
8. Create CA and Intermediate CA
9. Create and deploy a java keystore for existing certificate
Enter choice:
- List Certificate Authorities: Lists the installed certificate authorities.
- Deploy CA to Remote Server: Deploys the CA to a specified remote server.
- Install CA on Remote Server: Installs the CA on a specified remote server.
- Install CA locally: Installs the CA locally.
- Create SSL Certificate: Creates an SSL certificate for a specified server.
- Deploy SSL Certificate to Server: Deploys an SSL certificate to a specified server.
- Copy Public Key to Remote Host for Passwordless Access: Copies the public key to a remote host for passwordless access.
- Create CA Certificate and Intermediate Certificate: Generates a new CA certificate and intermediate certificate.
- OpenSSL
- scp
- ssh
- ssh-copy-id
- REMOTE_USER: Remote server user.
- REMOTE_SSL_DIR: Directory on the remote server where SSL certificates are stored.
- DOMAIN: Base domain name.
- CA_KEY: Path to the CA's private key.
- CA_BUNDLE: Path to the CA's bundle file.
- CA_CERT: Path to the CA's certificate.
- TRUST_ANCHORS: Path to the directory where trust certificates / CAs are stored.
- CONFIG_FILE: Path to the OpenSSL configuration file.
- DAYS_VALID: Number of days the certificate is valid.
This script is released under the BSD 3 License.