Contents of /trunk/openssl/openssl-make-certs.sh
Parent Directory
| 
Revision Log
Revision 996 -
(show annotations)
(download)
(as text)
Thu Mar 4 00:34:31 2010 UTC (14 years, 2 months ago) by niro
File MIME type: application/x-sh
File size: 1124 byte(s)
Thu Mar 4 00:34:31 2010 UTC (14 years, 2 months ago) by niro
File MIME type: application/x-sh
File size: 1124 byte(s)
-added a simple certificate creation script
| 1 | #!/bin/sh |
| 2 | # $Header: /root/magellan-cvs/src/openssl/openssl-make-certs.sh,v 1.1 2010-03-04 00:34:31 niro Exp $ |
| 3 | |
| 4 | SSLCONFIG="${SSLCONFIG-/etc/ssl/openssl.cnf}" |
| 5 | CERTDIR="${CERTDIR-/etc/ssl/certs}" |
| 6 | CERTNAME="$1" |
| 7 | |
| 8 | die() { echo "ERROR: $@"; exit 1; } |
| 9 | |
| 10 | usage() |
| 11 | { |
| 12 | echo "Usage:" |
| 13 | echo " $0 [cert-name]" |
| 14 | echo |
| 15 | echo "The environment variables \$SSLCONFIG and \$CERTDIR wil be respected too." |
| 16 | echo |
| 17 | die "No certificate name given!" |
| 18 | } |
| 19 | |
| 20 | # sanity checks |
| 21 | [[ $(id -u) -ne 0 ]] && die "You must be root!" |
| 22 | [[ -z ${CERTNAME} ]] && usage |
| 23 | |
| 24 | CERTFILE="${CERTDIR}/${CERTNAME}.pem" |
| 25 | KEYFILE="${CERTDIR}/${CERTNAME}.key" |
| 26 | |
| 27 | echo |
| 28 | echo "You may want to setup your default ssl config file first." |
| 29 | echo "Just edit '${SSLCONFIG}'." |
| 30 | echo |
| 31 | echo "Press [Enter] to continue, [CTRL-C] to abort." |
| 32 | read |
| 33 | |
| 34 | openssl req -new -x509 -nodes -config ${SSLCONFIG} -out ${CERTFILE} -keyout ${KEYFILE} -days 365 || die "Certificate request failed!" |
| 35 | chown root:root ${CERTFILE} ${KEYFILE} || die "Ownership failed!" |
| 36 | chmod 0600 ${CERTFILE} ${KEYFILE} || die "Permissions failed!" |
| 37 | echo |
| 38 | openssl x509 -subject -fingerprint -noout -in ${CERTFILE} || die "Fingerprint failed!" |