12345678910111213141516171819202122232425262728293031323334353637383940 |
- #! /bin/sh
- #
- # mkimapdcert,v 1.1 2001/01/02 03:54:25 drobbins Exp
- #
- # Copyright 2000 Double Precision, Inc. See COPYING for
- # distribution information.
- #
- # This is a short script to quickly generate a self-signed X.509 key for
- # IMAP over SSL. Normally this script would get called by an automatic
- # package installation routine.
- test -x /usr/bin/openssl || exit 0
- prefix="/usr"
- pemfile="/etc/courier-imap/pop3d.pem"
- randfile="/etc/courier-imap/pop3d.rand"
- if test -f $pemfile
- then
- echo "$pemfile already exists."
- exit 1
- fi
- cp /dev/null $pemfile
- chmod 600 $pemfile
- chown root $pemfile
- cleanup() {
- rm -f $pemfile
- rm -f $randfile
- exit 1
- }
- dd if=/dev/urandom of=$randfile count=1 2>/dev/null
- /usr/bin/openssl req -new -x509 -days 365 -nodes \
- -config /etc/courier-imap/pop3d.cnf -out $pemfile -keyout $pemfile || cleanup
- /usr/bin/openssl gendh -rand $randfile 512 >> $pemfile || cleanup
- /usr/bin/openssl x509 -subject -dates -fingerprint -noout -in $pemfile || cleanup
- rm -f $randfile
|