4 |
|
|
5 |
usage() |
usage() |
6 |
{ |
{ |
7 |
echo "Usage:" |
echo "Usage:" |
8 |
echo " $0" |
echo " $0" |
9 |
echo |
echo |
10 |
echo "The environment variables \$SSLCONFIG and \$SSLDIR will be respected too." |
echo "The environment variables \$SSLCONFIG and \$SSLDIR will be respected too." |
11 |
echo |
echo |
12 |
die "No certificate name given!" |
die "No certificate name given!" |
13 |
} |
} |
14 |
|
|
15 |
|
SSLDIR="${SSLDIR-@@SSLDIR@@}" |
16 |
|
SSLCONFIG="${SSLCONFIG-${SSLDIR}/openssl.cnf}" |
17 |
|
CERTDIR="${SSLDIR}/certs" |
18 |
|
KEYDIR="${SSLDIR}/private" |
19 |
|
CERTNAME="mcored" |
20 |
|
CERTFILE="${CERTDIR}/${CERTNAME}.pem" |
21 |
|
KEYFILE="${KEYDIR}/${CERTNAME}.key" |
22 |
|
|
23 |
type -P openssl > /dev/null || die "openssl not found!" |
type -P openssl > /dev/null || die "openssl not found!" |
24 |
[[ $(id -u) -ne 0 ]] && die "You must be root!" |
[[ $(id -u) -ne 0 ]] && die "You must be root!" |
25 |
[ ! -d ${CERTDIR} ] && die "${CERTDIR} directory doesn't exist!" |
[ ! -d ${CERTDIR} ] && die "${CERTDIR} directory doesn't exist!" |
27 |
[ -f ${CERTFILE} ] && die "${CERTFILE} already exists, won't overwrite!" |
[ -f ${CERTFILE} ] && die "${CERTFILE} already exists, won't overwrite!" |
28 |
[ -f ${KEYFILE} ] && die "${KEYFILE} already exists, won't overwrite!" |
[ -f ${KEYFILE} ] && die "${KEYFILE} already exists, won't overwrite!" |
29 |
|
|
30 |
SSLDIR="${SSLDIR-/etc/ssl}" |
openssl req -new -x509 -sha1 -nodes -config ${SSLCONFIG} -out ${CERTFILE} -keyout ${KEYFILE} -days 365 || die "Certificate request failed!" |
31 |
SSLCONFIG="${SSLCONFIG-${SSLDIR}/openssl.cnf}" |
openssl x509 -sha1 -subject -fingerprint -noout -in ${CERTFILE} || die "Fingerprint failed!" |
|
CERTDIR="${SSLDIR}/certs" |
|
|
KEYDIR="${SSLDIR}/private" |
|
|
CERTNAME="mcore" |
|
|
CERTFILE="${CERTDIR}/${CERTNAME}.pem" |
|
|
KEYFILE="${KEYDIR}/${CERTNAME}.key" |
|
|
|
|
|
openssl req -new -x509 -nodes -config ${SSLCONFIG} -out ${CERTFILE} -keyout ${KEYFILE} -days 365 || die "Certificate request failed!" |
|
|
openssl x509 -subject -fingerprint -noout -in ${CERTFILE} || die "Fingerprint failed!" |
|