23 lines
780 B
Bash
Executable file
23 lines
780 B
Bash
Executable file
#!/bin/sh -e
|
|
# Yack 27/12/2000
|
|
#Création des certificats ssl pour les machines virtuelles ptt, news, et www
|
|
|
|
#Durée du certificat en jour :
|
|
DUREE=1095
|
|
|
|
export RANDFILE=/dev/random
|
|
for certificat in news ptt www; do
|
|
if [ -f /etc/ssl/certs/stunnel-$certificat.pem ];
|
|
then
|
|
echo "le certificat pour la machine $certificat existe deja."
|
|
else
|
|
openssl req $@ -config /etc/ssl/$certificat-crans-org.cnf \
|
|
-new -x509 -nodes -out /etc/ssl/certs/stunnel-$certificat.pem \
|
|
-keyout /etc/ssl/certs/stunnel-$certificat.pem \
|
|
-days $DUREE
|
|
chmod 600 /etc/ssl/certs/stunnel-$certificat.pem
|
|
ln -sf /etc/ssl/certs/stunnel-$certificat.pem \
|
|
/etc/ssl/certs/`/usr/bin/openssl \
|
|
x509 -noout -hash < /etc/ssl/certs/stunnel-$certificat.pem`.0;
|
|
fi
|
|
done
|