利用openssl 一行文產生私鑰及憑證請求檔

URL Link //n.sfs.tw/15943

2022-09-27 11:11:48 By igogo

 

 

https://www.shellhacks.com/create-csr-openssl-without-prompt-non-interactive/

 

 

 

 

openssl req -nodes -newkey rsa:2048 -keyout server.key -out certreq.csr -subj "/C=TW/L=臺中市/O=市政府/OU=教育局/CN=web.tc.edu.tw"

 

#!/bin/bash

mkdir ./key
mkdir ./csr

for i in 0{1..9} {11..23} ; do

        echo "c0${i}.tc.edu.tw"
    openssl req -nodes -newkey rsa:2048 -keyout ./key/"${i}server.key" -out ./csr/"${i}certreq.csr" -subj "/C=TW/L=臺中市/O=市政府/OU=教育局/CN=c0${i}.tc.edu.tw"
done

 

 

 

cer 轉pem

 

openssl x509 -inform der -in cert.cer  -out certificate.pem

 

比對key跟憑證是否相符

 



openssl rsa -noout -modulus -in server.key  |openssl md5

 openssl x509 -noout -modulus -in certificate.pem  |openssl md5

 

一行文檢查

openssl x509 -inform der -in CERT -out cer.pem ; openssl x509 -noout -modulus -in cer.pem  |openssl md5 ; rm ./cer.pem