Generate CSR for LightBeam

Step-by-Step Guide

Here is a script that combines the generation of the private key and CSR using the configuration file:

#!/bin/bash
# Define filenames
PRIVATE_KEY="private.key"
CSR="request.csr"
CONFIG_FILE="openssl.cnf"
# Create OpenSSL configuration file
cat > $CONFIG_FILE <<EOL
[ req ]
default_bits = 2048
default_md = sha256
prompt = no
default_keyfile = $PRIVATE_KEY
distinguished_name = req_distinguished_name
req_extensions = req_ext
[ req_distinguished_name ]
C = US
ST = California
L = San Francisco
O = My Organization
OU = My Organizational Unit
CN = abc@def.com
emailAddress = abc@def.com
[ req_ext ]
subjectAltName = @alt_names
[ alt_names ]
email.1 = abc@def.com
EOL
# Generate private key
echo "Generating private key..."
openssl genpkey -algorithm RSA -out $PRIVATE_KEY -aes256
# Generate CSR
echo "Generating CSR..."
openssl req -new -key $PRIVATE_KEY -out $CSR -config $CONFIG_FILE
echo "Private key and CSR have been generated."

Usage

1. Save the script to a file, for example, `generate_key_and_csr_with_san.sh`.

2. Make the script executable:

chmod +x generate_key_and_csr_with_san.sh

3. Run the script:

./generate_key_and_csr_with_san.sh

This script will generate a private key and a CSR with the `subjectAltName` set to `abc@def.com`. Adjust the values in the configuration file section of the script as needed for your specific requirements.

Configuration File Sections:

• [ req ]: Main settings for the request.

  • default_bits: Key size.

  • default_md: Message digest algorithm.

  • prompt: Whether to prompt for details.

  • default_keyfile: Default private key file.

  • distinguished_name: Section for distinguished name.

  • req_extensions: Section for request extensions.

• [ req_distinguished_name ]: Details for the distinguished name.

• [ req_ext ]: Extensions to add to the request.

• [ alt_names ]: Subject alternative names.