seule modif vs le script de base : prends la config dans /etc/apache-ssl/CRANS-ssl.cnf ..
darcs-hash:20000709225011-92525-b179eda0e3a9a11f5e39657f965c43f6bddd785e.gz
This commit is contained in:
krempp
parent
6e40e63241
commit
8cd39c2a4e
1 changed files with 31 additions and 0 deletions
31
ssl-certificate
Executable file
31
ssl-certificate
Executable file
|
|
@ -0,0 +1,31 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
|
||||||
|
if [ "$1" != "--force" -a -f /etc/apache-ssl/apache.pem ]; then
|
||||||
|
echo "/etc/apache-ssl/apache.pem exists! Use \"$0 --force.\""
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$1" == "--force" ]; then
|
||||||
|
shift
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo
|
||||||
|
echo creating selfsingned certificate
|
||||||
|
echo "replace it with one signed by a certification authority (CA)"
|
||||||
|
echo
|
||||||
|
echo enter your ServerName at the Common Name prompt
|
||||||
|
echo
|
||||||
|
echo If you want your certificate to expire after x days call this programm
|
||||||
|
echo with "-days x"
|
||||||
|
|
||||||
|
# use special .cnf, because with normal one no valid selfsigned
|
||||||
|
# certificate is created
|
||||||
|
|
||||||
|
export RANDFILE=/dev/random
|
||||||
|
openssl req $@ -config /etc/ssl/CRANS-ssl.cnf \
|
||||||
|
-new -x509 -nodes -out /etc/apache-ssl/apache.pem \
|
||||||
|
-keyout /etc/apache-ssl/apache.pem
|
||||||
|
chmod 600 /etc/apache-ssl/apache.pem
|
||||||
|
ln -sf /etc/apache-ssl/apache.pem \
|
||||||
|
/etc/apache-ssl/`/usr/bin/openssl \
|
||||||
|
x509 -noout -hash < /etc/apache-ssl/apache.pem`.0
|
||||||
Loading…
Add table
Add a link
Reference in a new issue