Mercurial > dovecot > original-hg > dovecot-1.2
annotate doc/mkcert.sh @ 9222:f850d37fae04 HEAD
Added tag 1.2.1 for changeset 557eb84a64ae
| author | Timo Sirainen <tss@iki.fi> |
|---|---|
| date | Thu, 09 Jul 2009 22:56:51 -0400 |
| parents | b668848fff11 |
| children |
| rev | line source |
|---|---|
|
657
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
1 #!/bin/sh |
|
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
2 |
|
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
3 # Generates a self-signed certificate. |
| 1242 | 4 # Edit dovecot-openssl.cnf before running this. |
|
657
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
5 |
|
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
6 OPENSSL=${OPENSSL-openssl} |
|
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
7 SSLDIR=${SSLDIR-/etc/ssl} |
|
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
8 OPENSSLCONFIG=${OPENSSLCONFIG-dovecot-openssl.cnf} |
|
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
9 |
|
4342
b668848fff11
If cert/key directories don't exist, exit immediately instead of just
Timo Sirainen <tss@iki.fi>
parents:
2351
diff
changeset
|
10 CERTDIR=$SSLDIR/certs |
|
b668848fff11
If cert/key directories don't exist, exit immediately instead of just
Timo Sirainen <tss@iki.fi>
parents:
2351
diff
changeset
|
11 KEYDIR=$SSLDIR/private |
|
657
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
12 |
|
4342
b668848fff11
If cert/key directories don't exist, exit immediately instead of just
Timo Sirainen <tss@iki.fi>
parents:
2351
diff
changeset
|
13 CERTFILE=$CERTDIR/dovecot.pem |
|
b668848fff11
If cert/key directories don't exist, exit immediately instead of just
Timo Sirainen <tss@iki.fi>
parents:
2351
diff
changeset
|
14 KEYFILE=$KEYDIR/dovecot.pem |
|
b668848fff11
If cert/key directories don't exist, exit immediately instead of just
Timo Sirainen <tss@iki.fi>
parents:
2351
diff
changeset
|
15 |
|
b668848fff11
If cert/key directories don't exist, exit immediately instead of just
Timo Sirainen <tss@iki.fi>
parents:
2351
diff
changeset
|
16 if [ ! -d $CERTDIR ]; then |
| 1621 | 17 echo "$SSLDIR/certs directory doesn't exist" |
|
4342
b668848fff11
If cert/key directories don't exist, exit immediately instead of just
Timo Sirainen <tss@iki.fi>
parents:
2351
diff
changeset
|
18 exit 1 |
|
657
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
19 fi |
|
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
20 |
|
4342
b668848fff11
If cert/key directories don't exist, exit immediately instead of just
Timo Sirainen <tss@iki.fi>
parents:
2351
diff
changeset
|
21 if [ ! -d $KEYDIR ]; then |
| 1621 | 22 echo "$SSLDIR/private directory doesn't exist" |
|
4342
b668848fff11
If cert/key directories don't exist, exit immediately instead of just
Timo Sirainen <tss@iki.fi>
parents:
2351
diff
changeset
|
23 exit 1 |
|
657
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
24 fi |
|
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
25 |
|
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
26 if [ -f $CERTFILE ]; then |
|
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
27 echo "$CERTFILE already exists, won't overwrite" |
|
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
28 exit 1 |
|
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
29 fi |
|
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
30 |
|
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
31 if [ -f $KEYFILE ]; then |
|
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
32 echo "$KEYFILE already exists, won't overwrite" |
|
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
33 exit 1 |
|
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
34 fi |
|
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
35 |
|
2351
080ac35855d5
Make certificate valid for one year
Timo Sirainen <tss@iki.fi>
parents:
1893
diff
changeset
|
36 $OPENSSL req -new -x509 -nodes -config $OPENSSLCONFIG -out $CERTFILE -keyout $KEYFILE -days 365 || exit 2 |
|
657
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
37 chmod 0600 $KEYFILE |
|
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
38 echo |
|
756
17598099d9ac
Subject printing used wrong certificate file.
Timo Sirainen <tss@iki.fi>
parents:
665
diff
changeset
|
39 $OPENSSL x509 -subject -fingerprint -noout -in $CERTFILE || exit 2 |