From f5a189e0dccd44a51d143090b3a32d1a941c431d Mon Sep 17 00:00:00 2001
From: jgaunt <jgaunt@noreply.example.org>
Date: Fri, 17 Jul 2020 23:58:03 -0400
Subject: [PATCH] Update 'csr.sh'

---
 csr.sh | 35 ++++++++++++++++++++++++++++++++---
 1 file changed, 32 insertions(+), 3 deletions(-)

diff --git a/csr.sh b/csr.sh
index c0a034a..5c2e313 100644
--- a/csr.sh
+++ b/csr.sh
@@ -8,10 +8,9 @@ fi
 DOMAIN="home.johnhgaunt.com"
 
 for i in $HOSTNAMES; do
-    openssl req -new -sha512 -nodes -out $i.$DOMAIN.csr -newkey rsa:4096 -keyout $i.$DOMAIN.key -config <(
+    openssl req -new -sha512 -nodes -newkey ec:<(openssl ecparam -name secp384r1) -keyout cert.key -out cert.csr -config <(
 cat <<-EOF
 [req]
-default_bits = 4096
 prompt = no
 default_md = sha512
 req_extensions = req_ext
@@ -39,7 +38,7 @@ done
 
 # ECDSA key and csr
 : '
-openssl req -new -sha512 -nodes -newkey ec:<(openssl ecparam -name secp521r1) -keyout cert.key -out cert.csr -config <(
+openssl req -new -sha512 -nodes -newkey ec:<(openssl ecparam -name secp384r1) -keyout cert.key -out cert.csr -config <(
 cat <<-EOF
 [req]
 prompt = no
@@ -59,6 +58,36 @@ CN=$i.$DOMAIN
 [ req_ext ]
 subjectAltName = @alt_names
  
+[ alt_names ]
+DNS.1 = $i.$DOMAIN
+DNS.2 = $i
+EOF
+)
+'
+
+# RSA key and csr
+: '
+openssl req -new -sha512 -nodes -out $i.$DOMAIN.csr -newkey rsa:4096 -keyout $i.$DOMAIN.key -config <(
+cat <<-EOF
+[req]
+default_bits = 4096
+prompt = no
+default_md = sha512
+req_extensions = req_ext
+distinguished_name = dn
+ 
+[ dn ]
+C=US
+ST=PA
+L=Pittsburgh
+O=Gaunt
+OU=Gaunt
+emailAddress=admin@johnhgaunt.com
+CN=$i.$DOMAIN
+ 
+[ req_ext ]
+subjectAltName = @alt_names
+ 
 [ alt_names ]
 DNS.1 = $i.$DOMAIN
 DNS.2 = $i