4 |
|
|
5 |
usage() |
usage() |
6 |
{ |
{ |
7 |
echo "Usage:" |
echo "Usage:" |
8 |
echo " $0" |
echo " $0" |
9 |
echo |
echo |
10 |
echo "The environment variables \$SSLCONFIG and \$SSLDIR will be respected too." |
echo "The environment variables \$SSLCONFIG and \$SSLDIR will be respected too." |
11 |
echo |
echo |
12 |
die "No certificate name given!" |
die "No certificate name given!" |
13 |
} |
} |
14 |
|
|
|
type -P openssl > /dev/null || die "openssl not found!" |
|
|
[[ $(id -u) -ne 0 ]] && die "You must be root!" |
|
|
[ ! -d ${CERTDIR} ] && die "${CERTDIR} directory doesn't exist!" |
|
|
[ ! -d ${KEYDIR} ] && die "${KEYDIR} directory doesn't exist!" |
|
|
[ -f ${CERTFILE} ] && die "${CERTFILE} already exists, won't overwrite!" |
|
|
[ -f ${KEYFILE} ] && die "${KEYFILE} already exists, won't overwrite!" |
|
|
|
|
15 |
SSLDIR="${SSLDIR-@@SSLDIR@@}" |
SSLDIR="${SSLDIR-@@SSLDIR@@}" |
16 |
SSLCONFIG="${SSLCONFIG-${SSLDIR}/openssl.cnf}" |
SSLCONFIG="${SSLCONFIG-${SSLDIR}/openssl.cnf}" |
17 |
CERTDIR="${SSLDIR}/certs" |
CERTDIR="${SSLDIR}/certs" |
20 |
CERTFILE="${CERTDIR}/${CERTNAME}.pem" |
CERTFILE="${CERTDIR}/${CERTNAME}.pem" |
21 |
KEYFILE="${KEYDIR}/${CERTNAME}.key" |
KEYFILE="${KEYDIR}/${CERTNAME}.key" |
22 |
|
|
23 |
|
type -P openssl > /dev/null || die "openssl not found!" |
24 |
|
[[ $(id -u) -ne 0 ]] && die "You must be root!" |
25 |
|
[ ! -d ${CERTDIR} ] && die "${CERTDIR} directory doesn't exist!" |
26 |
|
[ ! -d ${KEYDIR} ] && die "${KEYDIR} directory doesn't exist!" |
27 |
|
[ -f ${CERTFILE} ] && die "${CERTFILE} already exists, won't overwrite!" |
28 |
|
[ -f ${KEYFILE} ] && die "${KEYFILE} already exists, won't overwrite!" |
29 |
|
|
30 |
openssl req -new -x509 -nodes -config ${SSLCONFIG} -out ${CERTFILE} -keyout ${KEYFILE} -days 365 || die "Certificate request failed!" |
openssl req -new -x509 -nodes -config ${SSLCONFIG} -out ${CERTFILE} -keyout ${KEYFILE} -days 365 || die "Certificate request failed!" |
31 |
openssl x509 -subject -fingerprint -noout -in ${CERTFILE} || die "Fingerprint failed!" |
openssl x509 -subject -fingerprint -noout -in ${CERTFILE} || die "Fingerprint failed!" |