Commit 38d09cee authored by Natanael Copa's avatar Natanael Copa

do not ask for user info when setting up self signed cert

parent 83faad7a
......@@ -56,6 +56,7 @@ ln -s /usr/share/acf/www/ /var/www/localhost/htdocs
SSLDIR=/etc/ssl/mini_httpd
SSLCNF=$SSLDIR/mini_httpd.cnf
KEYFILE=$SSLDIR/server.key
CRTFILE=$SSLDIR/server.crt
PEMFILE=$SSLDIR/server.pem
......@@ -63,9 +64,27 @@ PEMFILE=$SSLDIR/server.pem
if [ -f $PEMFILE ]; then
echo "$PEMFILE already exist."
else
mkdir -p $SSLDIR
cat <<EOF >$SSLCNF
[ req ]
default_bits = 1024
encrypt_key = yes
distinguished_name = req_dn
x509_extensions = cert_type
prompt = no
[ req_dn ]
OU=HTTPS server
CN=$(hostname -f)
emailAddress=postmaster@example.com
[ cert_type ]
nsCertType = server
EOF
echo "Generating certificates for HTTPS..."
openssl genrsa 2048 > $KEYFILE
openssl req -new -x509 -nodes -sha1 -days 3650 -key $KEYFILE > $CRTFILE
openssl req -new -x509 -nodes -sha1 -days 3650 -key $KEYFILE \
-config $SSLCNF > $CRTFILE
cat $KEYFILE >> $CRTFILE
rm $KEYFILE
mv $CRTFILE $PEMFILE
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment