[packages/openssl.git] / openssl-ssl-certificate.sh

#!/bin/sh -e

CERT=/etc/openssl/certs/apache.pem
export RANDFILE=/dev/random

if [ "$1" != "--force" -a -f $CERT ]; then
  echo "$CERT exists!  Use \"$0 --force.\""
  exit 0
fi

if [ "$1" = "--force" ]; then
  shift
fi     

echo
echo creating selfsingned certificate
echo "replace it with one signed by a certification authority (CA)"
echo
echo enter your ServerName at the Common Name prompt
echo
echo If you want your certificate to expire after x days call this programm 
echo with "-days x". Default: 30 days

# use special .cnf, because with normal one no valid selfsigned
# certificate is created

openssl req $@ -config /etc/openssl/openssl.cnf \
  -new -x509 -nodes -out $CERT -keyout $CERT
  
chmod 600 $CERT

ln -sf $CERT \
  /etc/openssl/certs/`/usr/bin/openssl x509 -noout -hash < $CERT`.0
Commit	Line	Data
15ceaa80 PG	1	#!/bin/sh -e
15ceaa80 PG	2
db05d2e5	3	CERT=/etc/openssl/certs/apache.pem
15ceaa80 PG	4	export RANDFILE=/dev/random
	5
	6	if [ "$1" != "--force" -a -f $CERT ]; then
	7	echo "$CERT exists! Use \"$0 --force.\""
	8	exit 0
	9	fi
	10
96dc38ee	11	if [ "$1" = "--force" ]; then
15ceaa80 PG	12	shift
	13	fi
	14
	15	echo
	16	echo creating selfsingned certificate
	17	echo "replace it with one signed by a certification authority (CA)"
	18	echo
	19	echo enter your ServerName at the Common Name prompt
	20	echo
	21	echo If you want your certificate to expire after x days call this programm
a4271e4c	22	echo with "-days x". Default: 30 days
15ceaa80 PG	23
	24	# use special .cnf, because with normal one no valid selfsigned
	25	# certificate is created
	26
	27	openssl req $@ -config /etc/openssl/openssl.cnf \
	28	-new -x509 -nodes -out $CERT -keyout $CERT
	29
	30	chmod 600 $CERT
	31
	32	ln -sf $CERT \
db05d2e5	33	/etc/openssl/certs/`/usr/bin/openssl x509 -noout -hash < $CERT`.0