nilfinx.tngl.sh / LPLE
LiquidProxy Lua Edition
fork atom
LPLE / tools / create-cert.sh
at master 76 lines 1.7 kB view raw
nilfinx.tngl.sh Initialize this mess
9ebc07ec
1#!/bin/bash 2 3set -o pipefail 4 5count=0 6mode="none" 7 8for arg in "$@"; do 9 case "$arg" in 10 -client|--client) 11 mode="client" 12 ((count++)) 13 break 14 ;; 15 -webui|--webui) 16 mode="webui" 17 ((count++)) 18 break 19 ;; 20 *) 21 echo "unknown option: $arg (use -webui or -client)" >&2 22 exit 1 23 ;; 24 esac 25done 26 27read -p "Server IP/domain: " CN 28 29yn() { 30 # Source - https://stackoverflow.com/a 31 # Posted by Myrddin Emrys, modified by community. See post 'Timeline' for change history 32 # Retrieved 2026-01-28, License - CC BY-SA 4.0 33 while true; do 34 read -p read -p "$1 [Y/n]: " yn 35 case $yn in 36 [Yy]* ) break;; 37 [Nn]* ) echo Done.; exit 0;; 38 "" ) break;; 39 * ) echo "Please answer yes or no.";; 40 esac 41 done 42} 43 44normalcert() { 45 openssl req -x509 -newkey rsa:4096 -subj /CN=$CN/O=LiquidProxy -nodes -days 999999 -keyout LiquidProxy-key.pem -out LiquidProxy-cert.pem 46} 47 48webuicert() { 49 openssl x509 -inform PEM -in LiquidProxy-cert.pem -outform DER -out LiquidProxy-cert.cer 50} 51 52clientcert() { 53 openssl req -x509 -newkey rsa:4096 -subj /CN=$CN/O=LiquidProxy -nodes -days 999999 -keyout LiquidProxy-clientKey.pem -out LiquidProxy-clientCert.pem 54 openssl pkcs12 -export -inkey LiquidProxy-clientKey.pem -in LiquidProxy-clientCert.pem -certfile LiquidProxy-cert.pem -out LiquidProxy-client.p12 -legacy 55 local ca="$(base64 -w 0 LiquidProxy-cert.pem)" 56 local p12="$(base64 -w 0 LiquidProxy-client.p12)" 57 sed \ 58 -e "s|@CA@|$ca|" \ 59 -e "s|@P12@|$p12|" \ 60 lp.plist > LiquidProxy.mobileconfig 61} 62 63main() { 64 normalcert 65 echo nc 66 if [ $mode = "none" ]; then 67 yn "Do you want to generate other certificate files for web UI?" 68 fi 69 webuicert 70 if [ $mode != "client" ]; then 71 yn "Do you want to generate client certificates?" 72 fi 73 clientcert 74} 75 76main