OpenSSL command line on F5 LTM CSR/key generation
Thought I'd share since I don't see any good examples. This is working for me.
The command looked like it was creating a key at the same time it was generating the CSR; my issue was the key needed to be created first. I thought I had done that first, but coming back to it again, it started working.
We are rebranding our 100s of websites and we have a different group managing a WAF device, so we need to send them the keys also, hence the email of both the key and CSR. I'm planning on further automating renewals to generate a new key each time and then email us the CSR/key for processing with our CA provider and WAF team. Hope this helps someone!
```bash
DATE=$(date +%m%d%y-%H.%M.%S)   # timestamp (not used below)
mkdir -p ./bulk.csr ./bulk.key

# One domain per line in ./domain.rebrand.txt
while IFS= read -r domain; do
    echo "$domain"

    # Generate a key and CSR:
    openssl genrsa -out "./bulk.key/$domain.rebrand.key" 2048
    openssl req -new -key "./bulk.key/$domain.rebrand.key" -out "./bulk.csr/$domain.rebrand.csr" -subj "/C=US/ST=xxx/L=xxx/O=xxx, Inc./OU=IT/CN=$domain/emailAddress=xxxx@xxx.com"
    # Append the decoded CSR to the log (a plain > would keep only the last domain)
    openssl req -noout -text -in "./bulk.csr/$domain.rebrand.csr" >> ./domain.rebrand.log

    # Sending email with attached CSR:
    # (mail reads the file on stdin, so it goes out as the message body;
    #  the second message carries the private key unencrypted)
    mail -s "Attached is the CSR generated for $domain on $HOSTNAME" xxxx@xxx.com < "./bulk.csr/$domain.rebrand.csr"
    mail -s "Attached is the KEY generated for $domain on $HOSTNAME" xxxx@xxx.com < "./bulk.key/$domain.rebrand.key"
done < ./domain.rebrand.txt
```
Read CSR command: openssl req -noout -text -in ./bulk.csr/$domain.rebrand.csr
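A check that could run on each pair before it is mailed, as an added example that is not part of the original post: it confirms the CSR carries the key's public half, the CN matches the domain, and the key is 2048-bit. `check_pair` and `make_sample` are hypothetical helper names, and the example.com data is constructed.

```shell
# Added example: verify a key/CSR pair before it leaves the box.
# check_pair and make_sample are hypothetical names; example.com is constructed.

# Return 0 only if the CSR holds the key's public half, the expected CN,
# and a 2048-bit key. Prints the reason and returns non-zero otherwise.
check_pair() {
    local key="$1" csr="$2" domain="$3" key_pub csr_pub cn
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) ||
        { echo "unreadable key: $key"; return 1; }
    csr_pub=$(openssl req -in "$csr" -noout -pubkey 2>/dev/null) ||
        { echo "unreadable CSR: $csr"; return 1; }
    if [ "$key_pub" != "$csr_pub" ]; then
        echo "key/CSR mismatch for $domain"; return 2
    fi
    # -nameopt multiline prints one attribute per line, so the comma in an
    # O= value such as "xxx, Inc." cannot be mistaken for a field separator.
    cn=$(openssl req -in "$csr" -noout -subject -nameopt multiline |
         sed -n 's/^ *commonName *= //p')
    if [ "$cn" != "$domain" ]; then
        echo "CN '$cn' does not match $domain"; return 3
    fi
    if ! openssl req -in "$csr" -noout -text |
         grep -q 'Public-Key: (2048 bit)'; then
        echo "unexpected key size for $domain"; return 4
    fi
    echo "OK $domain"
}

# Constructed sample: build one pair with the same two openssl calls as the loop.
make_sample() {
    local dir="$1" domain="$2"
    ( umask 077   # key file readable by its owner only
      openssl genrsa -out "$dir/$domain.key" 2048 2>/dev/null
      openssl req -new -key "$dir/$domain.key" -out "$dir/$domain.csr" \
          -subj "/C=US/O=Example, Inc./CN=$domain" )
}

workdir=$(mktemp -d)
make_sample "$workdir" www.example.com
check_pair "$workdir/www.example.com.key" "$workdir/www.example.com.csr" www.example.com
rm -rf "$workdir"
```

In the loop above, the call would take `./bulk.key/$domain.rebrand.key`, `./bulk.csr/$domain.rebrand.csr` and `$domain`, skipping the mail step on a non-zero return.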