diff options
Diffstat (limited to 'community/exim/exim.gencert')
| -rw-r--r-- | community/exim/exim.gencert | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/community/exim/exim.gencert b/community/exim/exim.gencert new file mode 100644 index 0000000000..98d04bda1e --- /dev/null +++ b/community/exim/exim.gencert @@ -0,0 +1,78 @@ +#!/bin/sh +set -e + +if [ -n "$EX4DEBUG" ]; then + echo "now debugging $0 $@" + set -x +fi + +DIR=/etc/exim +CERT=$DIR/exim.crt +KEY=$DIR/exim.key + +if ! which openssl > /dev/null ;then + echo "$0: openssl is not installed, exiting" 1>&2 + exit 1 +fi + +if [ "$1" != "--force" ] && [ -f $CERT ] && [ -f $KEY ]; then + echo "[*] $CERT and $KEY exists!" + printf "\n Use \"$0 --force\" to force generation!\n" + exit 0 +fi + +case "$1" in + --force) shift;; + --help) echo "Usage: $0 -or- $0 days keysize"; exit 0;; +esac + +DAYS=${1:-1095} +KEYSIZE=${2:-4096} +SSLEAY="$(mktemp)" && chmod 600 "$SSLEAY" + +cat > "$SSLEAY" <<-EOF + RANDFILE = $HOME/.rnd + [ req ] + default_bits = $KEYSIZE + default_keyfile = exim.key + distinguished_name = req_distinguished_name + [ req_distinguished_name ] + countryName = Country Code (2 letters) + countryName_default = US + countryName_min = 2 + countryName_max = 2 + stateOrProvinceName = State or Province Name (full name) + localityName = Locality Name (eg, city) + organizationName = Organization Name (eg, company; recommended) + organizationName_max = 64 + organizationalUnitName = Organizational Unit Name (eg, section) + organizationalUnitName_max = 64 + commonName = Server name (eg. ssl.domain.tld; required!!!) + commonName_max = 64 + emailAddress = Email Address + emailAddress_max = 40 +EOF + +cat <<-EOF + + [*] Generating a self signed SSL certificate for Exim: + + Key Size = $KEYSIZE Validity = $DAYS days + Key File = $KEY + Cert File = $CERT + +EOF +read -p 'Continue [ Y/n ] ? : ' ans + +case "$ans" in + n*|N*) exit 0;; + *) printf "\n Please enter the hostname of your MTA at the Common Name (CN) prompt:\n" + openssl req -config "$SSLEAY" -x509 -newkey rsa:$KEYSIZE -keyout $KEY -out $CERT -days $DAYS -nodes + rm -f "$SSLEAY" + + chown root:exim $KEY $CERT $DH + chmod 640 $KEY $CERT $DH + + printf "\n[*] Done generating self signed certificates for exim!" + ;; +esac |