From 656eca93a7a86bc23e7ba7ed79af21d50af6ebc3 Mon Sep 17 00:00:00 2001
From: jonny <475634114@qq.com>
Date: Tue, 30 Mar 2021 15:49:09 +0800
Subject: [PATCH] Create generate-certs.sh

---
 docker/generate-certs.sh | 39 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)
 create mode 100644 docker/generate-certs.sh

diff --git a/docker/generate-certs.sh b/docker/generate-certs.sh
new file mode 100644
index 0000000..1ef944e
--- /dev/null
+++ b/docker/generate-certs.sh
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+mkdir -p ssl
+
+OUTPUT_FILENAME="example.com"
+
+printf "[req]
+prompt                  = no
+default_bits            = 4096
+default_md              = sha256
+encrypt_key             = no
+string_mask             = utf8only
+
+distinguished_name      = cert_distinguished_name
+req_extensions          = req_x509v3_extensions
+x509_extensions         = req_x509v3_extensions
+
+[ cert_distinguished_name ]
+C  = CN
+ST = BJ
+L  = BJ
+O  = example.com
+OU = example.com
+CN = example.com
+
+[req_x509v3_extensions]
+basicConstraints        = critical,CA:true
+subjectKeyIdentifier    = hash
+keyUsage                = critical,digitalSignature,keyCertSign,cRLSign #,keyEncipherment
+extendedKeyUsage        = critical,serverAuth #, clientAuth
+subjectAltName          = @alt_names
+
+[alt_names]
+DNS.1 = example.com
+DNS.2 = *.example.com
+
+">ssl/${OUTPUT_FILENAME}.conf
+
+openssl req -x509 -newkey rsa:2048 -keyout /app/conf/$OUTPUT_FILENAME.key -out /app/conf/$OUTPUT_FILENAME.crt -days 3600 -nodes -config ssl/${OUTPUT_FILENAME}.conf