mkdir -p resources/config/ resources/useless_openssl_data/ cat > resources/openssl.cnf < resources/useless_openssl_data/serial # Generate CA openssl req -x509 -nodes -newkey rsa:2048 -batch \ -subj "/CN=Test CA" \ -outform PEM -out resources/config/ca_cert.pem \ -keyout resources/ca_cert.key for server in $*; do openssl genrsa -traditional \ -out resources/config/server_$server.key \ 2048 openssl req -nodes -batch -new \ -addext "subjectAltName = DNS:$server" \ -key resources/config/server_$server.key \ -outform PEM -out resources/server_$server.req openssl ca -config resources/openssl.cnf -days 3650 -md sha512 -batch \ -subj /CN=$server \ -keyfile resources/ca_cert.key -cert resources/config/ca_cert.pem \ -in resources/server_$server.req \ -out resources/config/server_$server.pem openssl x509 -sha1 -in resources/config/server_$server.pem -fingerprint -noout \ | sed "s/.*=//" | sed "s/://g" | tr '[:upper:]' '[:lower:]' > resources/server_$server.pem.sha1 done rm -r resources/useless_openssl_data/