Simplify the creation of self-signed certificates

beaglebone.txt

 editor /usr/bin/makecert
 #+END_SRC
 
-Enter the following:
+Enter the following, changing the country code and location as needed:
 
 #+BEGIN_SRC: bash
 #!/bin/bash
 
 HOSTNAME=$1
-
-openssl genrsa -des3 -out $HOSTNAME.key 1024
-openssl req -new -x509 -nodes -days 3650 -key $HOSTNAME.key -out $HOSTNAME.crt
-openssl rsa -in $HOSTNAME.key -out $HOSTNAME.new.key
-cp $HOSTNAME.new.key $HOSTNAME.key
-rm $HOSTNAME.new.key
-cp $HOSTNAME.key /etc/ssl/private
+COUNTRY_CODE="GB"
+AREA="Greater Manchester"
+LOCATION="Manchester"
+ORGANISATION="Freedombone"
+
+openssl req \
+  -x509 -nodes -days 3650 \
+  -subj "/O=$ORGANISATION/C=$COUNTRY_CODE/ST=$AREA/L=$LOCATION/CN=$HOSTNAME" \
+  -newkey rsa:1024 \
+  -keyout /etc/ssl/private/$HOSTNAME.key \
+  -out /etc/ssl/certs/$HOSTNAME.crt
 chmod 400 /etc/ssl/private/$HOSTNAME.key
-cp $HOSTNAME.crt /etc/ssl/certs
-shred -zu $HOSTNAME.key $HOSTNAME.crt
 /etc/init.d/nginx reload
 #+END_SRC
 
 makecert $HOSTNAME
 #+END_SRC
 
-Enter some trivial password for the key file, such as "password".  The password will be removed as part of the /makecert/ script which you just created.  Note that leaving a password on the key file would mean that after a power cycle the Apache server will not be able to boot properly (it would wait indefinitely for a password to be manually entered) and would look as if it had crashed.
-
 If all has gone well then there should be no warnings or errors after you run the service restart command.  After that you should enable ports 80 (HTTP) and 443 (HTTPS) on your internet router/firewall, such that they are redirected to the BBB.
 
 Also limit the amount of memory which any php scripts can use.
 server {
     listen 443 ssl;
     server_name mysubsonicdomainname.com;
+    index index.php;
 
     error_log  /var/www/mysubsonicdomainname.com/error.log debug;
 
 
 
 server {
-    listen   80;
-    server_name FQDN;
+    listen 443 ssl;
+    server_name mysubsonicdomainname.com;
     charset utf-8;
 
-    root PATH;
+    root /var/www/mysubsonicdomainname.com/htdocs;
     index index.php;
 
     if ( !-d $request_filename ) {
 #+BEGIN_SRC: bash
 sed "s/mysubsonicdomainname.com/$HOSTNAME/g" /etc/nginx/sites-available/$HOSTNAME > /tmp/website
 cp -f /tmp/website /etc/nginx/sites-available/$HOSTNAME
-service nginx restart
+/etc/init.d/nginx reload
 #+END_SRC