Skip to content

Commit b82bac0

Browse files
tniessenbengl
authored andcommitted
test: improve https_renew_cert.sh script
- To avoid unnecessarily large diffs, only generate a new private key if necessary. Otherwise, reuse the existing private key and only issue a new certificate. - Remove an unnecessary conversion step using openssl rsa and the intermediate rsa.pem and csr.pem files. - Extend the certificate validity from 1 year to 10 years. - Show a text representation of the issued certificate upon completion such that the user can verify the validity. - Make the script executable. - Use "#!/usr/bin/env bash" instead of "#!/bin/bash". - Allow the script to be called from any directory. Refs: #42342 Refs: #37990 PR-URL: #42343 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]> Reviewed-By: Mestery <[email protected]>
1 parent a5e42f0 commit b82bac0

File tree

2 files changed

+22
-15
lines changed

2 files changed

+22
-15
lines changed
Original file line numberDiff line numberDiff line change
@@ -1,19 +1,19 @@
11
-----BEGIN CERTIFICATE-----
2-
MIIDATCCAemgAwIBAgIUetgkeY+KShrAfmm5LR+QFsKJWlUwDQYJKoZIhvcNAQEL
3-
BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTIyMDMxNTEwMjIxMFoXDTIzMDMx
4-
NTEwMjIxMFowFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEF
2+
MIIDATCCAemgAwIBAgIUb32MablwTzVJh3UQXwdun9pBoF0wDQYJKoZIhvcNAQEL
3+
BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTIyMDMxNTE2MzQwOFoXDTMyMDMx
4+
MjE2MzQwOFowFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEF
55
AAOCAQ8AMIIBCgKCAQEA11wz7hAhdN072sp2aTySdsla65aZT10L1o74JNBZmMye
66
DSq7Lbbvqq8XuLlwogS0ACAQVEjL7GPVMgJwzRytdaSWdzr26dftPCL3m1h8azU/
77
Bs1nafHWhi3rx8RQnLfyusq0fThR9Xd3xfjDuaqhoa7Nc36XbG98XWkgxpm2R7wR
88
pLyNT9K2Ixvry9orZicTxv0Zyq+tD3CzSEch5OCApVZNaqEcIDgiN1zE/zqIe83v
99
9+NYpLo61yPiqqedCqZaKp037uwJCp/RL9g6bh7IFDGZcNFv3k0xjZB4BVm4BZMp
1010
SlbI49hncVIJZNB7qWt5ilCzEbwOhgLt6Y3Yh8rgMwIDAQABo0swSTALBgNVHQ8E
1111
BAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwJQYDVR0RBB4wHIIJMTI3LjAuMC4x
12-
gglsb2NhbGhvc3SHBH8AAAEwDQYJKoZIhvcNAQELBQADggEBAACPB26XVV99W575
13-
p2iE1qHYAK6KCDrLyJTi0epITgzP5mAXv9aoq14qldvz4ryZp7X5R4rVvezPmfwk
14-
NWTgCzFkVbGDozdrcmaXx1sAx1guxJMTpU+DkIw1cahD9UdqI6Dr5rVlGcZvdh9S
15-
w0Q4fU6zSfp5e8wfGUxXaWqNpBzX0Z9VeHo3Rjgt6+V+9xSwEirE+5tzwy5MaMTs
16-
N5nJbJH6YOBVUDsOszPX+2TcWvebMGkViN2qkSu8Kwxge5Ijbwb3tWMFByaaiWUp
17-
XaRH77CoVU39LKj0u/M/GiHJ5FhR//7UqqtOqk2+keGNv61s/iBGKMdjbm7b2pJT
18-
EYIl4lo=
12+
gglsb2NhbGhvc3SHBH8AAAEwDQYJKoZIhvcNAQELBQADggEBAEEXVnMzax6vmGPY
13+
TNNK6HJuN8xUUbEKVHKPDTwKbn2ZPQRGNOs4CJ5vVc1h2tU1mfgg20FZzPqZ+y9N
14+
hIFIaESTpX881NXM87aE21Gqo4rS66lubcoEUHWeY1+/LcdD6Gh/Ur0V4CBORZjA
15+
W/H1nASZQKQLMHIkriopbclMQPOsUYM11JxLsTH6hOPCJRM5cl1K1KsHWY2yJ656
16+
Gw9IX0NBTak0flEAL/JQkFlm2PRFJhWShPBHsC8/AWBcvgJH/0noNnDS5vAtCWa6
17+
rJO6SoHFJwWK3xCVU2YsC6No2DrAukyqEdN8arifJ/2hEjx1XAfockNsWzrT1mB5
18+
EpLq2L0=
1919
-----END CERTIFICATE-----
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,13 @@
1-
#!/bin/bash
2-
openssl genrsa -out rsa.pem 2048
3-
openssl rsa -in rsa.pem -out key.pem
4-
openssl req -sha256 -new -key key.pem -out csr.pem -subj "/CN=localhost"
5-
openssl x509 -req -extfile cert.conf -extensions v3_req -days 365 -in csr.pem -signkey key.pem -out cert.pem
1+
#!/usr/bin/env bash
2+
set -euo pipefail
3+
shopt -s inherit_errexit
64

5+
cd -- "$(dirname -- "${BASH_SOURCE[0]}")"
6+
7+
if [ ! -f key.pem ]; then
8+
openssl genrsa -out key.pem 2048
9+
fi
10+
11+
openssl req -sha256 -new -key key.pem -subj "/CN=localhost" | \
12+
openssl x509 -req -extfile cert.conf -extensions v3_req -days 3650 -signkey key.pem -out cert.pem
13+
openssl x509 -in cert.pem -noout -text

0 commit comments

Comments
 (0)