
Diff of /trunk/openssl/openssl-make-certs.sh


revision 997 by niro, Thu Mar 4 00:34:31 2010 UTC revision 998 by niro, Thu Mar 4 12:50:39 2010 UTC
# Line 1  Line 1 
1  #!/bin/sh  #!/bin/sh
2  # $Header: /root/magellan-cvs/src/openssl/openssl-make-certs.sh,v 1.1 2010-03-04 00:34:31 niro Exp $  # $Header: /root/magellan-cvs/src/openssl/openssl-make-certs.sh,v 1.2 2010-03-04 12:50:39 niro Exp $
3    
4  SSLCONFIG="${SSLCONFIG-/etc/ssl/openssl.cnf}"  SSLDIR="${SSLDIR-/etc/ssl}"
5  CERTDIR="${CERTDIR-/etc/ssl/certs}"  SSLCONFIG="${SSLCONFIG-${SSLDIR}/openssl.cnf}"
6    CERTDIR="${SSLDIR}/certs"
7    KEYDIR="${SSLDIR}/private"
8  CERTNAME="$1"  CERTNAME="$1"
9    CERTFILE="${CERTDIR}/${CERTNAME}.pem"
10    KEYFILE="${KEYDIR}/${CERTNAME}.key"
11    
12  die() { echo "ERROR: $@"; exit 1; }  die() { echo "ERROR: $@"; exit 1; }
13    
# Line 12  usage() Line 16  usage()
16   echo "Usage:"   echo "Usage:"
17   echo "      $0 [cert-name]"   echo "      $0 [cert-name]"
18   echo   echo
19   echo "The environment variables \$SSLCONFIG and \$CERTDIR wil be respected too."   echo "The environment variables \$SSLCONFIG and \$SSLDIR will be respected too."
20   echo   echo
21   die "No certificate name given!"   die "No certificate name given!"
22  }  }
# Line 20  usage() Line 24  usage()
24  # sanity checks  # sanity checks
25  [[ $(id -u) -ne 0 ]] && die "You must be root!"  [[ $(id -u) -ne 0 ]] && die "You must be root!"
26  [[ -z ${CERTNAME} ]] && usage  [[ -z ${CERTNAME} ]] && usage
27    [ ! -d ${CERTDIR} ] && die "${CERTDIR} directory doesn't exist!"
28  CERTFILE="${CERTDIR}/${CERTNAME}.pem"  [ ! -d ${KEYDIR} ] && die "${KEYDIR} directory doesn't exist!"
29  KEYFILE="${CERTDIR}/${CERTNAME}.key"  [ -f ${CERTFILE} ] && die "${CERTFILE} already exists, won't overwrite!"
30    [ -f ${KEYFILE} ] && die "${KEYFILE} already exists, won't overwrite!"
31    
32  echo  echo
33  echo "You may want to setup your default ssl config file first."  echo "You may want to setup your default ssl config file first."
# Line 32  echo "Press [Enter] to continue, [CTRL-C Line 37  echo "Press [Enter] to continue, [CTRL-C
37  read  read
38    
39  openssl req -new -x509 -nodes -config ${SSLCONFIG} -out ${CERTFILE} -keyout ${KEYFILE} -days 365 || die "Certificate request failed!"  openssl req -new -x509 -nodes -config ${SSLCONFIG} -out ${CERTFILE} -keyout ${KEYFILE} -days 365 || die "Certificate request failed!"
40    # combine cert and keyfile to one cert
41    cat ${CERTFILE} ${KEYFILE} > ${CERTFILE} || die "Combine failed!"
42  chown root:root ${CERTFILE} ${KEYFILE} || die "Ownership failed!"  chown root:root ${CERTFILE} ${KEYFILE} || die "Ownership failed!"
43  chmod 0600 ${CERTFILE} ${KEYFILE} || die "Permissions failed!"  chmod 0400 ${CERTFILE} ${KEYFILE} || die "Permissions failed!"
44  echo  echo
45  openssl x509 -subject -fingerprint -noout -in ${CERTFILE} || die "Fingerprint failed!"  openssl x509 -subject -fingerprint -noout -in ${CERTFILE} || die "Fingerprint failed!"
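Review bot: The combine step added at new line 41, `cat ${CERTFILE} ${KEYFILE} > ${CERTFILE}`, has the shell truncate the certificate before `cat` reads it, so the certificate just written by `openssl req` is lost and the file can hold the key at most; depending on the `cat` implementation it may also exit non-zero and trigger `die`. Appending the key keeps both parts: `cat "${KEYFILE}" >> "${CERTFILE}" || die "Combine failed!"`. The combined file then carries the unencrypted private key (`-nodes`) inside `${CERTDIR}` and exists with default permissions until the `chmod 0400` two lines later, so a `umask 077` before the `openssl req` call would close that window. The expansions in the new `[ ... ]` checks and in this command are unquoted, so a certificate name containing spaces or glob characters would split into several arguments.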
