45 lines
888 B
Bash
45 lines
888 B
Bash
#!/bin/sh
|
|
|
|
CERTFILE=@SYSCONFDIR@/servercert.pem
|
|
KEYFILE=@SYSCONFDIR@/serverkey.pem
|
|
CNFFILE=@SYSCONFDIR@/ssleay.cnf
|
|
|
|
if [ "$1" != "--force" -a -f $KEYFILE ]; then
|
|
echo "$KEYFILE exists! Use \"$0 --force.\""
|
|
exit 0
|
|
fi
|
|
|
|
if [ "$1" = "--force" ]; then
|
|
shift
|
|
fi
|
|
|
|
FQDN=`hostname --fqdn`
|
|
if [ "x${FQDN}" = "x" ]; then
|
|
FQDN=localhost.localdomain
|
|
fi
|
|
echo
|
|
echo creating selfsigned certificate
|
|
echo "replace it with one signed by a certification authority (CA)"
|
|
echo
|
|
#echo enter your ServerName at the Common Name prompt
|
|
echo
|
|
|
|
# use special .cnf, because with normal one no valid selfsigned
|
|
# certificate is created
|
|
|
|
#export RANDFILE=/dev/random
|
|
cat <<EOF |openssl req -days 365 $@ -config $CNFFILE \
|
|
-new -x509 -nodes -out $CERTFILE \
|
|
-keyout $KEYFILE
|
|
--
|
|
SomeState
|
|
SomeCity
|
|
SomeOrganization
|
|
SomeOrganizationalUnit
|
|
${FQDN}
|
|
root@${FQDN}
|
|
EOF
|
|
|
|
|
|
chmod 600 $KEYFILE
|