一键申请和颁发证书脚本

注:具体需要根据实际情况进行测试调整。

[root@centos8 ~]# cat certificate.sh
#!/bin/bash
#
#**************************************************
#Author:                Xan_Yum
#QQ:                    7993167
#Email:                 waluna@qq.com
#Version:               1.0
#Date:                  2021-05-24
#FileName:              certificate.sh
#Description:           issue certs
#URL:                   https://waluna.top
#Copyright (C):         2021 ALL rights reserved
#**************************************************

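# Stop at the first failing command, on any unset variable, and on a failed
# pipeline stage. Without this, a failed CA step would still be followed by
# signing attempts against a missing or stale cakey.pem.
set -euo pipefail

# Create every output file owner-only from the moment it exists, so the
# unencrypted private keys are never readable by other users, not even
# briefly. Public certificates are re-opened explicitly at the end.
umask 077

CA_SUBJECT="/O=heaven/CN=ca.waluna.top"
SUBJECT="/C=CN/ST=shandong/L=laiwu/O=IT/CN=master.waluna.top"
# NOTE(review): SUBJECT2 is identical to SUBJECT (CN=master.waluna.top) although
# it is used for the ${FILE2} (slave) certificate -- confirm this is intended.
SUBJECT2="/C=CN/ST=shandong/L=laiwu/O=IT/CN=master.waluna.top"
KEY_SIZE=2048 # must not be 1024
SERIAL=34
SERIAL2=35

# NOTE(review): CA_EXPIRE is passed to -days, so 202002 is roughly 553 years.
# Confirm this is intended; a CA lifetime this long can never be rotated by
# expiry and may not be handled well by every client.
CA_EXPIRE=202002
EXPIRE=3650
FILE=master
FILE2=slave

# All private keys below are written with -nodes, i.e. unencrypted on disk.
# File permissions are therefore the only protection; keep cakey.pem in
# particular off shared hosts and out of backups that others can read.
#
# The certificates are issued without a subjectAltName extension. Clients that
# ignore the CN for hostname verification will reject them; add a SAN via an
# extension file if such clients must be supported.

# Generate the self-signed CA certificate.
# Re-running the script overwrites cakey.pem/cacert.pem, which invalidates
# every certificate issued by the previous CA.
openssl req -x509 -newkey "rsa:${KEY_SIZE}" -subj "${CA_SUBJECT}" \
  -keyout cakey.pem -nodes -days "${CA_EXPIRE}" -out cacert.pem

# First certificate
# Generate the private key and the certificate signing request.
openssl req -newkey "rsa:${KEY_SIZE}" -nodes -keyout "${FILE}.key" \
  -subj "${SUBJECT}" -out "${FILE}.csr"
# Issue the certificate.
openssl x509 -req -in "${FILE}.csr" -CA cacert.pem -CAkey cakey.pem \
  -set_serial "${SERIAL}" -days "${EXPIRE}" -out "${FILE}.crt"

# Second certificate
openssl req -newkey "rsa:${KEY_SIZE}" -nodes -keyout "${FILE2}.key" \
  -subj "${SUBJECT2}" -out "${FILE2}.csr"
openssl x509 -req -in "${FILE2}.csr" -CA cacert.pem -CAkey cakey.pem \
  -set_serial "${SERIAL2}" -days "${EXPIRE}" -out "${FILE2}.crt"

# The original "chmod 600 *.key" did not match cakey.pem, so the CA private key
# was left with whatever mode openssl and the caller's umask produced. Name it
# explicitly; this also tightens key files that already existed before the run.
chmod 600 -- cakey.pem ./*.key

# Certificates are public data; make them readable again after the strict
# umask above so services running as other users can load them.
chmod 644 -- cacert.pem "${FILE}.crt" "${FILE2}.crt"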