80 lines
1.7 KiB
Bash
80 lines
1.7 KiB
Bash
#!/bin/bash
|
||
|
||
# 退出时如果有任何命令失败
|
||
set -e
|
||
|
||
# 默认值
|
||
DAYS=365
|
||
SUBJECT="/C=CN/ST=Shanghai/L=Shanghai/O=GoProxy/OU=Test/CN=localhost"
|
||
|
||
# 帮助信息
|
||
function show_help {
|
||
echo "生成自签名证书"
|
||
echo
|
||
echo "用法: $0 [选项]"
|
||
echo
|
||
echo "选项:"
|
||
echo " -h, --help 显示此帮助信息"
|
||
echo " -d, --days DAYS 证书有效期(天数),默认: 365"
|
||
echo " -s, --subject SUB 证书主题,默认: $SUBJECT"
|
||
echo " -c, --cn CN 公用名(CN),将替换主题中的CN,默认: localhost"
|
||
echo
|
||
echo "示例:"
|
||
echo " $0 --days 730 --cn example.com"
|
||
echo
|
||
}
|
||
|
||
# 处理命令行参数
|
||
while [[ $# -gt 0 ]]; do
|
||
key="$1"
|
||
case $key in
|
||
-h|--help)
|
||
show_help
|
||
exit 0
|
||
;;
|
||
-d|--days)
|
||
DAYS="$2"
|
||
shift
|
||
shift
|
||
;;
|
||
-s|--subject)
|
||
SUBJECT="$2"
|
||
shift
|
||
shift
|
||
;;
|
||
-c|--cn)
|
||
# 替换主题中的CN部分
|
||
SUBJECT=$(echo $SUBJECT | sed "s/CN=[^\/]*/CN=$2/")
|
||
shift
|
||
shift
|
||
;;
|
||
*)
|
||
echo "未知选项: $1"
|
||
show_help
|
||
exit 1
|
||
;;
|
||
esac
|
||
done
|
||
|
||
echo "生成自签名证书..."
|
||
echo "有效期: $DAYS 天"
|
||
echo "主题: $SUBJECT"
|
||
|
||
# 生成私钥
|
||
openssl genrsa -out server.key 2048
|
||
|
||
# 生成证书请求
|
||
openssl req -new -key server.key -out server.csr -subj "$SUBJECT"
|
||
|
||
# 生成自签名证书
|
||
openssl x509 -req -days $DAYS -in server.csr -signkey server.key -out server.crt
|
||
|
||
# 删除证书请求文件
|
||
rm server.csr
|
||
|
||
echo "完成!已生成以下文件:"
|
||
echo " - server.key: 私钥"
|
||
echo " - server.crt: 证书"
|
||
echo
|
||
echo "您可以使用这些文件启动HTTPS代理:"
|
||
echo "go run cmd/custom_dns_https_proxy/main.go -cert server.crt -key server.key" |