- fixed comment
[packages/openssl.git] / openssl-ssl-certificate.sh
1 #!/bin/sh -e
2
3 CERT=/var/lib/openssl/certs/apache.pem
4 export RANDFILE=/dev/random
5
6 if [ "$1" != "--force" -a -f $CERT ]; then
7   echo "$CERT exists!  Use \"$0 --force.\""
8   exit 0
9 fi
10
11 if [ "$1" == "--force" ]; then
12   shift
13 fi     
14
15 echo
16 echo creating selfsingned certificate
17 echo "replace it with one signed by a certification authority (CA)"
18 echo
19 echo enter your ServerName at the Common Name prompt
20 echo
21 echo If you want your certificate to expire after x days call this programm 
22 echo with "-days x". Default: 30 days
23
24 # use special .cnf, because with normal one no valid selfsigned
25 # certificate is created
26
27 openssl req $@ -config /etc/openssl/openssl.cnf \
28   -new -x509 -nodes -out $CERT -keyout $CERT
29   
30 chmod 600 $CERT
31
32 ln -sf $CERT \
33   /var/lib/openssl/`/usr/bin/openssl x509 -noout -hash < $CERT`.0
This page took 0.027362 seconds and 4 git commands to generate.