Fix: no password for domain keys

hiteshnayak305 · Sep 24, 2023 · e3dae8b · e3dae8b
1 parent bc99b1b
commit e3dae8b
Show file tree

Hide file tree

Showing 9 changed files with 17 additions and 12 deletions.
diff --git a/generateDomainCert.sh b/generateDomainCert.sh
@@ -1,11 +1,11 @@
-. setenv.sh
+. ./setenv.sh
 
 # do nothing if already exists
 if [[ -f ${DOMAIN_CRT_PATH} ]]
 then
     echo "Domain crt is already generated."
 else
-    openssl req -new -key ${DOMAIN_KEY_PATH} -out ${DOMAIN_CSR_PATH} -passin env:DOMAIN_PASSWORD -config ${DOMAIN_OPENSSL_CONF_PATH}
+    openssl req -new -key ${DOMAIN_KEY_PATH} -out ${DOMAIN_CSR_PATH} -config ${DOMAIN_OPENSSL_CONF_PATH} #-passin env:DOMAIN_PASSWORD
     openssl x509 -req -in ${DOMAIN_CSR_PATH} -CA ${ROOT_CA_CRT_PATH} -CAkey ${ROOT_CA_KEY_PATH} -passin env:ROOT_CA_PASSWORD -out ${DOMAIN_CRT_PATH} -days ${DOMAIN_EXPIRY_DAYS} -extfile ${DOMAIN_OPENSSL_CONF_PATH} -extensions v3_req
     echo "Domain crt generated successfully at ${DOMAIN_CRT_PATH}"
     rm ${DOMAIN_CSR_PATH}

diff --git a/generateDomainKey.sh b/generateDomainKey.sh
@@ -1,12 +1,12 @@
-. setenv.sh
+. ./setenv.sh
 
 # do nothing if already exists
 if [[ -f ${DOMAIN_KEY_PATH} ]]
 then
     echo "Domain key is already generated."
 else
-    openssl genrsa -des3 -passout env:ROOT_CA_PASSWORD -out ${DOMAIN_KEY_PATH} 4096
+    openssl genrsa -out ${DOMAIN_KEY_PATH} 4096 #-des3 -passout env:ROOT_CA_PASSWORD
     echo "Domain key generated successfully at ${DOMAIN_KEY_PATH}"
 fi
-openssl rsa -noout -text -in ${DOMAIN_KEY_PATH} -passin env:DOMAIN_PASSWORD
+openssl rsa -noout -text -in ${DOMAIN_KEY_PATH} #-passin env:DOMAIN_PASSWORD
 echo "Domain key verified successfully."
diff --git a/generateRootCACert.sh b/generateRootCACert.sh
@@ -1,4 +1,4 @@
-. setenv.sh
+. ./setenv.sh
 
 # do nothing if already exists
 if [[ -f ${ROOT_CA_CRT_PATH} ]]

diff --git a/generateRootKey.sh b/generateRootKey.sh
@@ -1,4 +1,4 @@
-. setenv.sh
+. ./setenv.sh
 
 # do nothing if already exists
 if [[ -f ${ROOT_CA_KEY_PATH} ]]

diff --git a/getbase64.sh b/getbase64.sh
@@ -1,4 +1,4 @@
-. setenv.sh
+. ./setenv.sh
 
 echo "Root CA certificate :"
 cat ${ROOT_CA_CRT_PATH} | base64 -w 0

diff --git a/renewDomainCert.sh b/renewDomainCert.sh
@@ -1,4 +1,4 @@
-. setenv.sh
+. ./setenv.sh
 
 # Ask confirmation
 echo "Domain is valid till : "

diff --git a/renewRootCACert.sh b/renewRootCACert.sh
@@ -1,4 +1,4 @@
-. setenv.sh
+. ./setenv.sh
 
 # Ask confirmation
 echo "Root CA is valid till : "

diff --git a/req.conf b/req.conf
@@ -23,4 +23,9 @@ extendedKeyUsage       = serverAuth, clientAuth
 subjectAltName         = @alt_names
 
 [alt_names]
-DNS.1 = *.hitesh.com
+DNS.1 = *.kube.hitesh.com
+DNS.2 = *.weave.hitesh.com
+DNS.3 = *.skooner.hitesh.com
+DNS.4 = *.gitea.hitesh.com
+DNS.5 = *.jenkins.hitesh.com
+DNS.6 = *.hitesh.com
diff --git a/setenv.sh b/setenv.sh
@@ -1,4 +1,4 @@
-. secret.sh
+. ./secret.sh
 
 export BUILD_PATH=build
 # root