Annotation of /trunk/openssl/openssl-make-certs.sh
Parent Directory | Revision Log
Revision 996 -
(hide annotations)
(download)
(as text)
Thu Mar 4 00:34:31 2010 UTC (14 years, 6 months ago) by niro
File MIME type: application/x-sh
File size: 1124 byte(s)
Thu Mar 4 00:34:31 2010 UTC (14 years, 6 months ago) by niro
File MIME type: application/x-sh
File size: 1124 byte(s)
-added a simple certificate creation script
1 | niro | 996 | #!/bin/sh |
2 | # $Header: /root/magellan-cvs/src/openssl/openssl-make-certs.sh,v 1.1 2010-03-04 00:34:31 niro Exp $ | ||
3 | |||
4 | SSLCONFIG="${SSLCONFIG-/etc/ssl/openssl.cnf}" | ||
5 | CERTDIR="${CERTDIR-/etc/ssl/certs}" | ||
6 | CERTNAME="$1" | ||
7 | |||
8 | die() { echo "ERROR: $@"; exit 1; } | ||
9 | |||
10 | usage() | ||
11 | { | ||
12 | echo "Usage:" | ||
13 | echo " $0 [cert-name]" | ||
14 | echo | ||
15 | echo "The environment variables \$SSLCONFIG and \$CERTDIR wil be respected too." | ||
16 | echo | ||
17 | die "No certificate name given!" | ||
18 | } | ||
19 | |||
20 | # sanity checks | ||
21 | [[ $(id -u) -ne 0 ]] && die "You must be root!" | ||
22 | [[ -z ${CERTNAME} ]] && usage | ||
23 | |||
24 | CERTFILE="${CERTDIR}/${CERTNAME}.pem" | ||
25 | KEYFILE="${CERTDIR}/${CERTNAME}.key" | ||
26 | |||
27 | echo | ||
28 | echo "You may want to setup your default ssl config file first." | ||
29 | echo "Just edit '${SSLCONFIG}'." | ||
30 | echo | ||
31 | echo "Press [Enter] to continue, [CTRL-C] to abort." | ||
32 | read | ||
33 | |||
34 | openssl req -new -x509 -nodes -config ${SSLCONFIG} -out ${CERTFILE} -keyout ${KEYFILE} -days 365 || die "Certificate request failed!" | ||
35 | chown root:root ${CERTFILE} ${KEYFILE} || die "Ownership failed!" | ||
36 | chmod 0600 ${CERTFILE} ${KEYFILE} || die "Permissions failed!" | ||
37 | echo | ||
38 | openssl x509 -subject -fingerprint -noout -in ${CERTFILE} || die "Fingerprint failed!" |