parent
582c0bef84
commit
886193c162
@ -0,0 +1,44 @@
|
|||||||
|
import { program } from 'commander'
|
||||||
|
import chalk from 'chalk'
|
||||||
|
|
||||||
|
import { command, execSync, log } from './helpers/command.js'
|
||||||
|
|
||||||
|
/**
|
||||||
|
* create-certificate.js
|
||||||
|
*
|
||||||
|
* creating self signed certifactes for secure Connections
|
||||||
|
*
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
// getting hostname
|
||||||
|
const hostname = execSync('hostname').toString().trim()
|
||||||
|
|
||||||
|
// getting arguments and options
|
||||||
|
program
|
||||||
|
.argument('<destination>', 'destination for certificate')
|
||||||
|
|
||||||
|
program.parse(process.argv)
|
||||||
|
|
||||||
|
// getting arguments
|
||||||
|
const destination = program.args[0]
|
||||||
|
|
||||||
|
// creating
|
||||||
|
try {
|
||||||
|
log(chalk.green('Generating CA'))
|
||||||
|
command('openssl genrsa 4096 > ' + destination + '/ca-key.pem')
|
||||||
|
command('openssl req -new -x509 -nodes -days 365000 -key ' + destination + '/ca-key.pem -out ' + destination + '/ca-cert.pem -subj "/CN=' + hostname + '-database-ca"')
|
||||||
|
|
||||||
|
log(chalk.green('Generating Server Certificate'))
|
||||||
|
command('openssl req -newkey rsa:4096 -days 365000 -nodes -keyout ' + destination + '/server-key.pem -out ' + destination + '/server-req.pem -subj "/CN=' + hostname + '-database-server"')
|
||||||
|
command('openssl rsa -in ' + destination + '/server-key.pem -out ' + destination + '/server-key.pem')
|
||||||
|
command('openssl x509 -req -in ' + destination + '/server-req.pem -days 365000 -CA ' + destination + '/ca-cert.pem -CAkey ' + destination + '/ca-key.pem -set_serial 01 -out ' + destination + '/server-cert.pem')
|
||||||
|
|
||||||
|
log(chalk.green('Generating Client Certificate'))
|
||||||
|
command('openssl req -newkey rsa:4096 -days 365000 -nodes -keyout ' + destination + '/client-key.pem -out ' + destination + '/client-req.pem -subj "/CN=' + hostname + '-database-server"')
|
||||||
|
command('openssl rsa -in ' + destination + '/client-key.pem -out ' + destination + '/client-key.pem')
|
||||||
|
command('openssl x509 -req -in ' + destination + '/client-req.pem -days 365000 -CA ' + destination + '/ca-cert.pem -CAkey ' + destination + '/ca-key.pem -set_serial 01 -out ' + destination + '/client-cert.pem')
|
||||||
|
command('openssl verify -CAfile ' + destination + '/ca-cert.pem ' + destination + '/server-cert.pem ' + destination + '/client-cert.pem')
|
||||||
|
} catch(error) {
|
||||||
|
|
||||||
|
}
|
||||||
@ -0,0 +1,14 @@
|
|||||||
|
import { execSync } from 'node:child_process'
|
||||||
|
|
||||||
|
const log = console.log
|
||||||
|
|
||||||
|
// helper for output command
|
||||||
|
const command = function(value) {
|
||||||
|
log(execSync(value).toString().trim())
|
||||||
|
}
|
||||||
|
|
||||||
|
export {
|
||||||
|
command,
|
||||||
|
execSync,
|
||||||
|
log
|
||||||
|
}
|
||||||
@ -1,3 +1,10 @@
|
|||||||
sudo apt install letsencrypt
|
import chalk from 'chalk'
|
||||||
sudo systemctl status certbot.timer
|
import { command, execSync, log } from './helpers/command.js'
|
||||||
sudo certbot certonly --standalone --agree-tos --preferred-challenges http -d domain-name.com
|
|
||||||
|
try {
|
||||||
|
log(chalk.green('Installing letsencrypt'))
|
||||||
|
command('apt-get install -y letsencrypt')
|
||||||
|
command('systemctl status certbot.timer')
|
||||||
|
} catch(error) {
|
||||||
|
|
||||||
|
}
|
||||||
Loading…
Reference in new issue