ahmadmarafa · September 2, 2021 17:55
diff --git a/ssllamp.sh b/ssllamp.sh
 #!/usr/bin/env bash

 RAND=$(openssl rand -hex 12)

 TEMP="/opt/lampp/temp/$RAND"

 mkdir $TEMP

 cd $TEMP 

 #main domain
 NAME="local.hub"

 #list of sub domains
 SUBS=(app api)

 SUBSSTRING=""

 ALIAS="" 

 HOST="127.0.0.1 $NAME";

 for i in "${!SUBS[@]}"; do
    SUBSSTRING+="DNS.$((i+2)) = ${SUBS[$i]}.$NAME";
    SUBSSTRING+=$'\n'
    ALIAS+="ServerAlias ${SUBS[$i]}.$NAME";
    ALIAS+=$'\n' 
    HOST+=" ${SUBS[$i]}.$NAME";
 done

 openssl genrsa -des3 -out myCA.key 2048 

 openssl req -x509 -new -nodes -key myCA.key -sha256 -days 825 -out myCA.pem -subj "/C=EG/ST=Cairo/L=Cairo/O=$NAME/CN=$NAME"

 openssl genrsa -out $NAME.key 2048

 openssl req -new -key $NAME.key -out $NAME.csr -subj "/C=EG/ST=Cairo/L=Cairo/O=$NAME/CN=$NAME"

 [ -d "/opt/lampp/htdocs/$NAME/" ] || mkdir /opt/lampp/htdocs/$NAME/

 >$NAME.ext cat <<-EOF
 authorityKeyIdentifier=keyid,issuer
 basicConstraints=CA:FALSE
 keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
 subjectAltName = @alt_names
 [alt_names]
 DNS.1 = $NAME # Be sure to include the domain name here because Common Name is not so commonly honoured by itself
 $SUBSSTRING
 EOF

 openssl x509 -req -in $NAME.csr -CA myCA.pem -CAkey myCA.key -CAcreateserial -out $NAME.crt -days 825 -sha256 -extfile $NAME.ext

 mv $TEMP /opt/lampp/etc/certs/$NAME 

 >>/opt/lampp/etc/extra/httpd-vhosts.conf cat<<-EOF
 <VirtualHost *:443>
    ServerAdmin webmaster@$NAME
    DocumentRoot "/opt/lampp/htdocs/$NAME/"
    ServerName $NAME
    $ALIAS
    ErrorLog "logs/$NAME-error_log"
    CustomLog "logs/$NAME-access_log" common

    SSLEngine on
    SSLCertificateFile "/opt/lampp/etc/certs/$NAME/$NAME.crt"
    SSLCertificateKeyFile "/opt/lampp/etc/certs/$NAME/$NAME.key"
 </VirtualHost>
 EOF


 >>/etc/hosts cat<<-EOF
 $HOST
 EOF

 cp /opt/lampp/etc/certs/$NAME/$NAME.crt /usr/local/share/ca-certificates/
 update-ca-certificates


 echo "DONE; NOW ADD /opt/lampp/etc/certs/$NAME/myCA.pem to google chrome authoritey"

 /opt/lampp/lampp restart
	#!/usr/bin/env bash

	RAND=$(openssl rand -hex 12)

	TEMP="/opt/lampp/temp/$RAND"

	mkdir $TEMP

	cd $TEMP

	#main domain
	NAME="local.hub"

	#list of sub domains
	SUBS=(app api)

	SUBSSTRING=""

	ALIAS=""

	HOST="127.0.0.1 $NAME";

	for i in "${!SUBS[@]}"; do
	SUBSSTRING+="DNS.$((i+2)) = ${SUBS[$i]}.$NAME";
	SUBSSTRING+=$'\n'
	ALIAS+="ServerAlias ${SUBS[$i]}.$NAME";
	ALIAS+=$'\n'
	HOST+=" ${SUBS[$i]}.$NAME";
	done

	openssl genrsa -des3 -out myCA.key 2048

	openssl req -x509 -new -nodes -key myCA.key -sha256 -days 825 -out myCA.pem -subj "/C=EG/ST=Cairo/L=Cairo/O=$NAME/CN=$NAME"

	openssl genrsa -out $NAME.key 2048

	openssl req -new -key $NAME.key -out $NAME.csr -subj "/C=EG/ST=Cairo/L=Cairo/O=$NAME/CN=$NAME"

	[ -d "/opt/lampp/htdocs/$NAME/" ] \|\| mkdir /opt/lampp/htdocs/$NAME/

	>$NAME.ext cat <<-EOF
	authorityKeyIdentifier=keyid,issuer
	basicConstraints=CA:FALSE
	keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
	subjectAltName = @alt_names
	[alt_names]
	DNS.1 = $NAME # Be sure to include the domain name here because Common Name is not so commonly honoured by itself
	$SUBSSTRING
	EOF

	openssl x509 -req -in $NAME.csr -CA myCA.pem -CAkey myCA.key -CAcreateserial -out $NAME.crt -days 825 -sha256 -extfile $NAME.ext

	mv $TEMP /opt/lampp/etc/certs/$NAME

	>>/opt/lampp/etc/extra/httpd-vhosts.conf cat<<-EOF
	<VirtualHost *:443>
	ServerAdmin webmaster@$NAME
	DocumentRoot "/opt/lampp/htdocs/$NAME/"
	ServerName $NAME
	$ALIAS
	ErrorLog "logs/$NAME-error_log"
	CustomLog "logs/$NAME-access_log" common

	SSLEngine on
	SSLCertificateFile "/opt/lampp/etc/certs/$NAME/$NAME.crt"
	SSLCertificateKeyFile "/opt/lampp/etc/certs/$NAME/$NAME.key"
	</VirtualHost>
	EOF


	>>/etc/hosts cat<<-EOF
	$HOST
	EOF

	cp /opt/lampp/etc/certs/$NAME/$NAME.crt /usr/local/share/ca-certificates/
	update-ca-certificates


	echo "DONE; NOW ADD /opt/lampp/etc/certs/$NAME/myCA.pem to google chrome authoritey"

	/opt/lampp/lampp restart