diff options
| author | Valery Kartel <valery.kartel@gmail.com> | 2017-04-24 23:45:41 +0300 |
|---|---|---|
| committer | Leonardo Arena <rnalrd@alpinelinux.org> | 2017-04-25 08:40:59 +0000 |
| commit | d93a16e6ddac2cdebdc59adcf0d755a5d85c65bb (patch) | |
| tree | 4fb4aef5607e9bbbd4f983676ef0c1e2b5466551 /community/exim/exim.gencert | |
| parent | e526a03906bcc61aefa7729e23fdfc5f1579f3d8 (diff) | |
| download | aports-d93a16e6ddac2cdebdc59adcf0d755a5d85c65bb.tar.bz2 aports-d93a16e6ddac2cdebdc59adcf0d755a5d85c65bb.tar.xz | |
community/exim: move from testing
It works pretty fine.
So, I think, it's time to move it from testing.
Diffstat (limited to 'community/exim/exim.gencert')
| -rw-r--r-- | community/exim/exim.gencert | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/community/exim/exim.gencert b/community/exim/exim.gencert new file mode 100644 index 0000000000..98d04bda1e --- /dev/null +++ b/community/exim/exim.gencert @@ -0,0 +1,78 @@ +#!/bin/sh +set -e + +if [ -n "$EX4DEBUG" ]; then + echo "now debugging $0 $@" + set -x +fi + +DIR=/etc/exim +CERT=$DIR/exim.crt +KEY=$DIR/exim.key + +if ! which openssl > /dev/null ;then + echo "$0: openssl is not installed, exiting" 1>&2 + exit 1 +fi + +if [ "$1" != "--force" ] && [ -f $CERT ] && [ -f $KEY ]; then + echo "[*] $CERT and $KEY exists!" + printf "\n Use \"$0 --force\" to force generation!\n" + exit 0 +fi + +case "$1" in + --force) shift;; + --help) echo "Usage: $0 -or- $0 days keysize"; exit 0;; +esac + +DAYS=${1:-1095} +KEYSIZE=${2:-4096} +SSLEAY="$(mktemp)" && chmod 600 "$SSLEAY" + +cat > "$SSLEAY" <<-EOF + RANDFILE = $HOME/.rnd + [ req ] + default_bits = $KEYSIZE + default_keyfile = exim.key + distinguished_name = req_distinguished_name + [ req_distinguished_name ] + countryName = Country Code (2 letters) + countryName_default = US + countryName_min = 2 + countryName_max = 2 + stateOrProvinceName = State or Province Name (full name) + localityName = Locality Name (eg, city) + organizationName = Organization Name (eg, company; recommended) + organizationName_max = 64 + organizationalUnitName = Organizational Unit Name (eg, section) + organizationalUnitName_max = 64 + commonName = Server name (eg. ssl.domain.tld; required!!!) + commonName_max = 64 + emailAddress = Email Address + emailAddress_max = 40 +EOF + +cat <<-EOF + + [*] Generating a self signed SSL certificate for Exim: + + Key Size = $KEYSIZE Validity = $DAYS days + Key File = $KEY + Cert File = $CERT + +EOF +read -p 'Continue [ Y/n ] ? : ' ans + +case "$ans" in + n*|N*) exit 0;; + *) printf "\n Please enter the hostname of your MTA at the Common Name (CN) prompt:\n" + openssl req -config "$SSLEAY" -x509 -newkey rsa:$KEYSIZE -keyout $KEY -out $CERT -days $DAYS -nodes + rm -f "$SSLEAY" + + chown root:exim $KEY $CERT $DH + chmod 640 $KEY $CERT $DH + + printf "\n[*] Done generating self signed certificates for exim!" + ;; +esac |