do not ask for user info when setting up self signed cert

38d09cee · Natanael Copa · 83faad7a · 38d09cee
Commit 38d09cee authored Mar 05, 2008 by Natanael Copa
Hide whitespace changes
Inline Side-by-side

Showing with 20 additions and 1 deletion

setup-webconf setup-webconf +20 -1

No files found.
--- a/setup-webconf
+++ b/setup-webconf
@@ -56,6 +56,7 @@ ln -s /usr/share/acf/www/ /var/www/localhost/htdocs


 SSLDIR=/etc/ssl/mini_httpd
+SSLCNF=$SSLDIR/mini_httpd.cnf
 KEYFILE=$SSLDIR/server.key
 CRTFILE=$SSLDIR/server.crt
 PEMFILE=$SSLDIR/server.pem
@@ -63,9 +64,27 @@ PEMFILE=$SSLDIR/server.pem
 if [ -f $PEMFILE ]; then
 	echo "$PEMFILE already exist."
 else
+	mkdir -p $SSLDIR
+cat <<EOF >$SSLCNF
+[ req ]
+default_bits = 1024
+encrypt_key = yes
+distinguished_name = req_dn
+x509_extensions = cert_type
+prompt = no
+
+[ req_dn ]
+OU=HTTPS server
+CN=$(hostname -f)
+emailAddress=postmaster@example.com
+
+[ cert_type ]
+nsCertType = server
+EOF
 	echo "Generating certificates for HTTPS..."
 	openssl genrsa 2048 > $KEYFILE
-	openssl req -new -x509 -nodes -sha1 -days 3650 -key $KEYFILE > $CRTFILE
+	openssl req -new -x509 -nodes -sha1 -days 3650 -key $KEYFILE \
+		-config $SSLCNF > $CRTFILE
 	cat $KEYFILE >> $CRTFILE
 	rm $KEYFILE
 	mv $CRTFILE $PEMFILE