How to create a certificate

#!/bin/bash
# Make sure xtrace is off: with tracing on, bash would print each command with
# its expanded values.
set +x

# Export fpr1nt as "@<PID of this shell>"; any value inherited from the caller
# is discarded.
# NOTE(review): nothing visible on this page reads fpr1nt - confirm what consumes it.
export fpr1nt="@$$"

# Base name of the generated files (<key_name>.key / .csr / .crt).
key_name="agent_server"
# Directory gen_all changes into before doing any work; ca.crt and ca.key are
# referenced relative to it, so they are expected to live here too.
des_dir="/home/Ruby/CA"
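#######################################
# Create the server key and a certificate for it signed by the local CA.
#
# Steps: generate a 2048-bit RSA key, wrap it in a self-signed certificate
# (stored as <key_name>.csr although it is a certificate, not a request),
# re-sign that certificate with ca.crt/ca.key via "openssl ca -ss_cert",
# verify the result against ca.crt and hand the files to user Ruby.
#
# Globals:   des_dir (read)  - working directory, must contain ca.crt and ca.key
#            key_name (read) - base name of the generated files
# Outputs:   openssl/expect chatter on stdout and stderr
# Returns:   0 on success; non-zero if the directory, the key, the address
#            lookup, the verification or the chown fails
#
# Changes against the original listing:
#   * validity timestamps use %M (minutes) instead of a second %m (month) and
#     are taken in UTC, which is what the trailing "Z" declares;
#   * values reach expect through the environment and a quoted here-document,
#     so Tcl metacharacters in the pass phrase or address are sent literally;
#   * a failed cd, key generation, address lookup or verification is reported
#     instead of being ignored.
#######################################
function gen_all()
{
  # Without this check every later step would run in whatever directory the
  # script happened to be started from.
  cd -- "$des_dir" || return 1

  # The value is elided on the source page. A CA key pass phrase stored in a
  # script is readable by anyone who can read the script; loading it from a
  # file or variable restricted to the CA operator is the safer arrangement.
  local ca_phrase=.....

  # openssl ca takes YYMMDDHHMMSSZ. The start is back-dated five days and the
  # end lies 7295 days ahead, 7300 days in total.
  # NOTE(review): the two-digit year cannot express an end date of 2050 or
  # later - confirm before reusing this far in the future.
  local startdate enddate
  startdate="$(date -u -d '5 days ago' +%y%m%d%H%M%S)Z"
  enddate="$(date -u -d '7295 days' +%y%m%d%H%M%S)Z"

  # Second field of the first ifconfig line containing "inet" becomes the CN.
  # NOTE(review): depending on interface order and ifconfig version this may
  # be a loopback address or carry an "addr:" prefix; many current TLS clients
  # also match the peer against subjectAltName rather than the CN - confirm
  # the consumers of this certificate accept a CN-only address.
  local common_name
  common_name="$(ifconfig | awk '/inet/ { print $2; exit }')"
  if [ -z "$common_name" ]; then
    echo "gen_all: no inet address found in ifconfig output" >&2
    return 1
  fi

  # Start from an empty CA database. This also drops the CA's record of every
  # certificate issued earlier, so they can no longer be listed or revoked
  # through this database.
  local ca_file_path="/var/chroot/mongodb/CA/templateCA"
  rm -f -- "$ca_file_path/index.txt"
  touch -- "$ca_file_path/index.txt"

  # Create the private key with owner-only permissions; the subshell keeps the
  # tightened umask from affecting the files written later.
  ( umask 077 && openssl genrsa -out "$key_name.key" 2048 ) || return 1

  # Answer the interactive subject prompts. An empty answer accepts whatever
  # default the openssl configuration provides. The here-document delimiter is
  # quoted, so the shell expands nothing; expect reads the values from env().
  GEN_KEY_NAME="$key_name" GEN_CN="$common_name" expect <<'EOF'
spawn openssl req -new -x509 -key $env(GEN_KEY_NAME).key -out $env(GEN_KEY_NAME).csr -days 7300 -sha256

expect "Country Name"
send "Wd\r"

expect "State or Province Name"
send "Cloud\r"

expect "Locality Name"
send "\r"

expect "Organization Name"
send "DBS\r"

expect "Organizational Unit Name"
send "\r"

expect "Common Name"
send -- "$env(GEN_CN)\r"

expect "Email Address"
send "\r"

expect eof
EOF

  # Sign the self-signed certificate with the CA and confirm both prompts.
  # expect echoes the spawned program's output, which the caller appends to
  # its log file.
  GEN_KEY_NAME="$key_name" GEN_START="$startdate" GEN_END="$enddate" \
    GEN_CA_PHRASE="$ca_phrase" expect <<'EOF'
# Remove the pass phrase from the environment before openssl is spawned so the
# child process does not inherit it.
set ca_phrase $env(GEN_CA_PHRASE)
unset env(GEN_CA_PHRASE)

spawn openssl ca -ss_cert $env(GEN_KEY_NAME).csr -cert ca.crt -keyfile ca.key -policy policy_anything -out $env(GEN_KEY_NAME).crt -days 7300 -md sha256 -startdate $env(GEN_START) -enddate $env(GEN_END)

expect "Enter pass phrase for"
send -- "$ca_phrase\r"

expect {
    "Sign the certificate" { send "y\r"; exp_continue }
    "1 out of 1 certificate requests certified, commit" { send "y\r"; exp_continue }
    eof
}
EOF

  # Report a certificate that does not chain to the CA instead of silently
  # continuing; ownership is still handed over so the files can be inspected.
  local rc=0
  if ! openssl verify -CAfile ca.crt "$key_name.crt"; then
    echo "gen_all: $key_name.crt does not verify against ca.crt" >&2
    rc=1
  fi

  chown Ruby:Ruby "$key_name".* || rc=1

  return "$rc"
}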
# First-run guard: generation is skipped once the server key exists, so an
# existing key and certificate are never overwritten by a later run.
# Everything gen_all prints, including what expect echoes from openssl, is
# appended to the log inside $des_dir.
# NOTE(review): confirm that log is readable only by the accounts that may
# see CA tooling output.
if [[ ! -e "${des_dir}/${key_name}.key" ]]; then
  gen_all >>"${des_dir}/gen_server_cert.log" 2>&1
fi
