web/bin/create-ca

#!/usr/bin/env bash
BASEDIR=$(realpath $(dirname $0));
KEYDIR=$(realpath "$BASEDIR/../storage/ca/");

if [ -f $KEYDIR/ca.key ]; then
    echo "CA key already exists. not overwriting it."
    exit 1;
fi

CN="ob.ae-cn";

if [ ! -z "$1" ]; then
    CN=$1;
fi;

openssl req -days 3650 -nodes -new -x509 -keyout $KEYDIR/ca.key -out $KEYDIR/ca.crt -subj "/CN=$CN" -extensions ca_ext -config "$BASEDIR/../etc/openssl.conf";