aboutsummaryrefslogtreecommitdiffstats
path: root/trunk/create-ssl-certificate
diff options
context:
space:
mode:
authorOlivier Blin <oblin@mandriva.com>2009-10-30 17:05:01 +0000
committerOlivier Blin <oblin@mandriva.com>2009-10-30 17:05:01 +0000
commitcb0ead32ea8906a4376cdf8260b28ea1f9bdbe5a (patch)
tree6837842b2e9a9e1f5c34dcc45b7d4af68ca6700b /trunk/create-ssl-certificate
parentcfdd62e9007d51c8b4f5b94c4d4416b7093d4cf9 (diff)
parentcad3b75e14148af3f16790f0f0201bad12ae0d5f (diff)
downloadrpm-helper-cb0ead32ea8906a4376cdf8260b28ea1f9bdbe5a.tar
rpm-helper-cb0ead32ea8906a4376cdf8260b28ea1f9bdbe5a.tar.gz
rpm-helper-cb0ead32ea8906a4376cdf8260b28ea1f9bdbe5a.tar.bz2
rpm-helper-cb0ead32ea8906a4376cdf8260b28ea1f9bdbe5a.tar.xz
rpm-helper-cb0ead32ea8906a4376cdf8260b28ea1f9bdbe5a.zip
version 0.22.2v0.22.2
Diffstat (limited to 'trunk/create-ssl-certificate')
-rwxr-xr-xtrunk/create-ssl-certificate74
1 files changed, 0 insertions, 74 deletions
diff --git a/trunk/create-ssl-certificate b/trunk/create-ssl-certificate
deleted file mode 100755
index 954f187..0000000
--- a/trunk/create-ssl-certificate
+++ /dev/null
@@ -1,74 +0,0 @@
-#!/bin/sh
-# $Id$
-# helper script for creating ssl certificates
-
-while [ $# -gt 0 ]; do
- case $1 in
- -g) group=$2; shift 2;;
- -b) bundle="true"; shift;;
- *) args=( ${args[@]:-} $1 ); shift;;
- esac
-done
-
-pkg=${args[0]} # name of the package
-num=${args[1]} # number of packages installed
-srv=${args[2]} # name of the service
-
-if [ -z "$pkg" -o -z "$num" -o -z "$srv" ]; then
- echo "usage: $0 [-g <group>] [-b] <pkg name> <num installed> <service>" 1>&2
- exit 1
-fi
-
-if [ ! -f /etc/pki/tls/private/$srv.pem ]; then
- # default values
- host=$(hostname)
- KEY_LENGTH=1024
- CERT_DAYS=365
- EMAIL_ADDRESS=root@$host
- COMMON_NAME=$host
- ORGANISATIONAL_UNIT_NAME="default $srv cert for $host"
-
- # source configuration
- if [ -f /etc/sysconfig/ssl ]; then
- . /etc/sysconfig/ssl
- fi
-
- conffile=/tmp/$$
- keyfile=/etc/pki/tls/private/$srv.pem
- if [ "$bundle" == true ]; then
- certfile=$keyfile
- else
- certfile=/etc/pki/tls/certs/$srv.pem
- fi
-
- # create a temporary configuration file
- cat > $conffile <<EOF
-default_bits = $KEY_LENGTH
-encrypt_key = no
-prompt = no
-distinguished_name = req_dn
-req_extensions = req_ext
-
-[ req_dn ]
-commonName = $COMMON_NAME
-organizationalUnitName = $ORGANISATIONAL_UNIT_NAME
-emailAddress = $EMAIL_ADDRESS
-
-[ req_ext ]
-basicConstraints = CA:FALSE
-EOF
-
- # generate certificates
- openssl req -new -x509 -days $CERT_DAYS \
- -config $conffile \
- -keyout $keyfile \
- -out $certfile >/dev/null
-
- # enforce strict perms on key
- if [ -n "$group" ]; then
- chmod 640 $keyfile
- chgrp $group $keyfile
- else
- chmod 600 $keyfile
- fi
-fi