使用expect及 openssl 產生SSL 憑證簽署要求

URL Link //n.sfs.tw/16403

2024-04-23 15:28:10 By igogo

 

每年都要製做tls 憑證 二十幾張, 

此語法利用expect

產生私錀及憑證請求檔

 



#!/usr/bin/expect


#syntax go.expect 13.key 13csr.txt

set key [lindex $argv 0];
set csr [lindex $argv 1];

set passwd PASSWORD

set timeout -1

spawn openssl genrsa -des3 -out "${key}" 2048

expect "Enter PEM pass phrase:"
send "$passwd\r"

expect "Verifying - Enter PEM pass phrase:"
send "$passwd\r"

interact
set timeout 1000

spawn openssl req -new -key "${key}" -out "${csr}"  

expect "Enter pass phrase for ${key}:"
send "$passwd\r"

#expect "Country Name (2 letter code) [AU]:"
expect "Country Name *:"
send "TW\r"

#expect "State or Province Name (full name) [Some-State]:"
expect "State or Province Name *:"
send "\r"

expect "Locality Name *:"
send "臺中市\r"

expect "Organization Name *:"
send "市政府\r"

expect "Organizational Unit Name *:"
send "教育局\r"

expect "Common Name *:"
send "web.tc.edu.tw\r"

expect "Email Address *:"
send "igogo@tc.edu.tw\r"

expect "A challenge password *:"
send "\r"

expect "An optional company name *:"
send "\r"

interact