32 lines
912 B
Bash
Executable file
32 lines
912 B
Bash
Executable file
#!/bin/sh -e
|
|
|
|
if [ "$1" != "--force" -a -f /etc/apache-ssl/apache.pem ]; then
|
|
echo "/etc/apache-ssl/apache.pem exists! Use \"$0 --force.\""
|
|
exit 0
|
|
fi
|
|
|
|
if [ "$1" == "--force" ]; then
|
|
shift
|
|
fi
|
|
|
|
echo
|
|
echo creating selfsingned certificate
|
|
echo "replace it with one signed by a certification authority (CA)"
|
|
echo
|
|
echo enter your ServerName at the Common Name prompt
|
|
echo
|
|
echo If you want your certificate to expire after x days call this programm
|
|
echo with "-days x"
|
|
|
|
# use special .cnf, because with normal one no valid selfsigned
|
|
# certificate is created
|
|
|
|
export RANDFILE=/dev/random
|
|
openssl req $@ -config /etc/ssl/CRANS-ssl.cnf \
|
|
-new -x509 -nodes -out /etc/apache-ssl/apache.pem \
|
|
-keyout /etc/apache-ssl/apache.pem \
|
|
-days 1095
|
|
chmod 600 /etc/apache-ssl/apache.pem
|
|
ln -sf /etc/apache-ssl/apache.pem \
|
|
/etc/apache-ssl/`/usr/bin/openssl \
|
|
x509 -noout -hash < /etc/apache-ssl/apache.pem`.0
|