From 8cd39c2a4ef5e8fd8d021fec8c001392765a737e Mon Sep 17 00:00:00 2001
From: krempp <none>
Date: Mon, 10 Jul 2000 00:50:11 +0200
Subject: [PATCH] seule modif vs le script de base : prends la config dans
 /etc/apache-ssl/CRANS-ssl.cnf ..

darcs-hash:20000709225011-92525-b179eda0e3a9a11f5e39657f965c43f6bddd785e.gz
---
 ssl-certificate | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100755 ssl-certificate

diff --git a/ssl-certificate b/ssl-certificate
new file mode 100755
index 00000000..6182d2b3
--- /dev/null
+++ b/ssl-certificate
@@ -0,0 +1,31 @@
+#!/bin/sh -e
+
+if [ "$1" != "--force" -a -f /etc/apache-ssl/apache.pem ]; then
+  echo "/etc/apache-ssl/apache.pem exists!  Use \"$0 --force.\""
+  exit 0
+fi
+
+if [ "$1" == "--force" ]; then
+  shift
+fi     
+
+echo
+echo creating selfsingned certificate
+echo "replace it with one signed by a certification authority (CA)"
+echo
+echo enter your ServerName at the Common Name prompt
+echo
+echo If you want your certificate to expire after x days call this programm 
+echo with "-days x" 
+
+# use special .cnf, because with normal one no valid selfsigned
+# certificate is created
+
+export RANDFILE=/dev/random
+openssl req $@ -config /etc/ssl/CRANS-ssl.cnf \
+  -new -x509 -nodes -out /etc/apache-ssl/apache.pem \
+  -keyout /etc/apache-ssl/apache.pem
+chmod 600 /etc/apache-ssl/apache.pem
+ln -sf /etc/apache-ssl/apache.pem \
+  /etc/apache-ssl/`/usr/bin/openssl \
+  x509 -noout -hash < /etc/apache-ssl/apache.pem`.0