| 123456789101112131415161718192021 |
- #!/bin/bash
- set -euo pipefail
- CA_KEY="ca.key"
- CA_CERT="ca.pem"
- if [[ -f "$CA_KEY" && -f "$CA_CERT" ]]; then
- echo "✅ CA already exists: $CA_KEY, $CA_CERT"
- exit 0
- fi
- echo "🔧 Generating root CA..."
- openssl genrsa -out "$CA_KEY" 4096
- openssl req -x509 -new -nodes -key "$CA_KEY" \
- -sha256 -days 3650 \
- -out "$CA_CERT" \
- -subj "/CN=Local Dev CA"
- echo "✅ Root CA created: $CA_CERT"
|
