25 March 2024

While working on my company’s implemenation of STIR/SHAKEN, I ran into a very basic issue – how do I easily create test self-signed SHAKEN certificates?

While I did find a couple of posts on how to do this, I wanted a nice script that would accomplish the following:

  1. Generate either a self-signed certificate or a key/CSR pair for use with an official certificate authority
  2. Allow easy passing of the certificate subject information (Country, State, Locality, etc.)
  3. Create certificate filenames with a unique identifier, to prevent name collisions (by default, the identifier is a UNIX timestamp)

Below is the script I came up with:

Credit to the original source posts, here and here.