diff options
author | Olivier Blin <oblin@mandriva.com> | 2009-10-30 17:05:01 +0000 |
---|---|---|
committer | Olivier Blin <oblin@mandriva.com> | 2009-10-30 17:05:01 +0000 |
commit | cb0ead32ea8906a4376cdf8260b28ea1f9bdbe5a (patch) | |
tree | 6837842b2e9a9e1f5c34dcc45b7d4af68ca6700b /trunk/create-ssl-certificate | |
parent | cfdd62e9007d51c8b4f5b94c4d4416b7093d4cf9 (diff) | |
parent | cad3b75e14148af3f16790f0f0201bad12ae0d5f (diff) | |
download | rpm-helper-cb0ead32ea8906a4376cdf8260b28ea1f9bdbe5a.tar rpm-helper-cb0ead32ea8906a4376cdf8260b28ea1f9bdbe5a.tar.gz rpm-helper-cb0ead32ea8906a4376cdf8260b28ea1f9bdbe5a.tar.bz2 rpm-helper-cb0ead32ea8906a4376cdf8260b28ea1f9bdbe5a.tar.xz rpm-helper-cb0ead32ea8906a4376cdf8260b28ea1f9bdbe5a.zip |
version 0.22.2v0.22.2
Diffstat (limited to 'trunk/create-ssl-certificate')
-rwxr-xr-x | trunk/create-ssl-certificate | 74 |
1 files changed, 0 insertions, 74 deletions
diff --git a/trunk/create-ssl-certificate b/trunk/create-ssl-certificate deleted file mode 100755 index 954f187..0000000 --- a/trunk/create-ssl-certificate +++ /dev/null @@ -1,74 +0,0 @@ -#!/bin/sh -# $Id$ -# helper script for creating ssl certificates - -while [ $# -gt 0 ]; do - case $1 in - -g) group=$2; shift 2;; - -b) bundle="true"; shift;; - *) args=( ${args[@]:-} $1 ); shift;; - esac -done - -pkg=${args[0]} # name of the package -num=${args[1]} # number of packages installed -srv=${args[2]} # name of the service - -if [ -z "$pkg" -o -z "$num" -o -z "$srv" ]; then - echo "usage: $0 [-g <group>] [-b] <pkg name> <num installed> <service>" 1>&2 - exit 1 -fi - -if [ ! -f /etc/pki/tls/private/$srv.pem ]; then - # default values - host=$(hostname) - KEY_LENGTH=1024 - CERT_DAYS=365 - EMAIL_ADDRESS=root@$host - COMMON_NAME=$host - ORGANISATIONAL_UNIT_NAME="default $srv cert for $host" - - # source configuration - if [ -f /etc/sysconfig/ssl ]; then - . /etc/sysconfig/ssl - fi - - conffile=/tmp/$$ - keyfile=/etc/pki/tls/private/$srv.pem - if [ "$bundle" == true ]; then - certfile=$keyfile - else - certfile=/etc/pki/tls/certs/$srv.pem - fi - - # create a temporary configuration file - cat > $conffile <<EOF -default_bits = $KEY_LENGTH -encrypt_key = no -prompt = no -distinguished_name = req_dn -req_extensions = req_ext - -[ req_dn ] -commonName = $COMMON_NAME -organizationalUnitName = $ORGANISATIONAL_UNIT_NAME -emailAddress = $EMAIL_ADDRESS - -[ req_ext ] -basicConstraints = CA:FALSE -EOF - - # generate certificates - openssl req -new -x509 -days $CERT_DAYS \ - -config $conffile \ - -keyout $keyfile \ - -out $certfile >/dev/null - - # enforce strict perms on key - if [ -n "$group" ]; then - chmod 640 $keyfile - chgrp $group $keyfile - else - chmod 600 $keyfile - fi -fi |