caddy-and-cert-manager/setup_server.sh at master · hpware/caddy-and-cert-manager · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
# these two are required.
ORG_NAME="Default CA generated by CS"
CN_NAME="Default CA generated by CS"

# create cert
mkdir -p ./certs/created
openssl genrsa -out ./certs/master.key.pem 4096
openssl req -x509 -new -nodes -key ./certs/master.key.pem -sha512 -days 7305 -out ./certs/master.pub.pem -subj "/C=TW/L=Taipei/O=${ORG_NAME}/CN=${CN_NAME}"

# generate default cert for the default HTTPS port.
openssl genrsa -out ./certs/created/default_private_key.pem 4096
openssl req -new -key ./certs/created/default_private_key.pem -out ./certs/created/default_csr.pem -subj "/C=TW/L=Taipei/O=${ORG_NAME}/CN=test.default.tw"
openssl x509 -req -in ./certs/created/default_csr.pem -CA ./certs/master.pub.pem -CAkey ./certs/master.key.pem -CAcreateserial -out ./certs/created/default_pub.pem -days 7305 -sha512
cat ./certs/created/default_pub.pem ./certs/master.pub.pem > ./certs/created/default_fullchain.pem

# create Caddyfile
#mkdir -p ./caddy/caddy/conf
#mkdir -p ./caddy/caddy/config
#mkdir -p ./caddy/caddy/data
#mkdir -p ./caddy/caddy/site
#tee ./caddy/caddy/conf/Caddyfile <<EOF
#:80 {
#        root * /usr/share/caddy
#        file_server
#}
#:443 {
#        tls /certs/default.fullchain.pem /certs/default.private_key.pem
#
#        root * /usr/share/caddy
#        fi le_server
#}
#EOF