This script will make generating a private key and CSR easier on Linux. It requires the dialog package to be installed with:

apt-get install dialog

or

yum install dialog

The script is pretty easy to understand and the defaults can be changed very easily.

#!/bin/sh

# Certificate Generation Wizard # @author Andy Dixon <andy @ andydixon.com> # @requires dialog exec 3>&1; hname=$(dialog --backtitle "Certificate Generation Wizard" --title "Hostname" --clear --inputbox "Please enter the hostname for the certificate\\nFor example www.foo.com:" 16 31 2>&1 1>&3); exec 3>&-;

exec 3>&1; countrycode=$(dialog --backtitle "Certificate Generation Wizard" --title "Country" --clear --inputbox "Please enter the ISO country code for the organisation:" 16 31 GB 2>&1 1>&3); exec 3>&-;

exec 3>&1; region=$(dialog --backtitle "Certificate Generation Wizard" --title "Region" --clear --inputbox "Please enter the region for the certificate:" 16 31 Worcestershire 2>&1 1>&3); exec 3>&-;

exec 3>&1; location=$(dialog --backtitle "Certificate Generation Wizard" --title "Town" --clear --inputbox "Please enter the town / location:" 16 31 Malvern 2>&1 1>&3); exec 3>&-;

exec 3>&1; organisation=$(dialog --backtitle "Certificate Generation Wizard" --title "Organisation Name" --clear --inputbox "Please enter the registered organisation name:" 16 31 FooBar IncĀ 2>&1 1>&3); exec 3>&-;

exec 3>&1; cryptostrength=$(dialog --backtitle "Certificate Generation Wizard" --title "Cryptographic strength" --clear --inputbox "Please enter the cryptographic strength of the certificate:" 16 31 rsa:2048 2>&1 1>&3); exec 3>&-;

exec 3>&1; ret=$(openssl req -new -newkey $cryptostrength -keyout $hname.key -out $hname.csr -nodes -subj "/C=$countrycode/ST=$region/L=$location/O=$organisation/CN=$hname" 2>/tmp/sslerror) retcode = $? exec 3>&-;

if [ $retcode -eq 0 ] then DIALOG_SCREEN_COLOR=RED dialog --backtitle "Certificate Generation Wizard" --title "An Error Occurred" --textbox /tmp/sslerror 22 70 else dialog --backtitle "Certificate Generation Wizard" --title "Success! Your CSR is as follows" --textbox $hname.csr 22 70 dialog --title "Certificate Generation Wizard" --title "All finished" --msgbox "The CSR and private key are in your current working directory." 32 30

fi