1#!/bin/bash 2 3if [ $# -ne 2 ] 4then 5 echo "Usage: $0 alias \"pass phrase\"" 6 exit -1 7fi 8 9# Generate a 2048 bit RSA key with public exponent 3. 10# Encrypt private key with provided password. 11openssl genrsa -3 -out $1.pem -passout pass:"$2" 2048 12 13# Create a self-signed cert for this key. 14openssl req -new -x509 -key $1.pem -passin pass:"$2" \ 15 -out $1-cert.pem \ 16 -batch -days 10000 17 18# Create a PKCS12 store containing the generated private key. 19# Protect the keystore and the private key with the provided password. 20openssl pkcs12 -export -in $1-cert.pem -inkey $1.pem -passin pass:"$2" \ 21 -out $1.p12 -name $1 -passout pass:"$2" 22 23rm $1.pem 24rm $1-cert.pem 25 26