Diffstat (limited to 'bin')
-rwxr-xr-xbin/generate_self_signed_cert55
1 files changed, 55 insertions, 0 deletions
diff --git a/bin/generate_self_signed_cert b/bin/generate_self_signed_cert
new file mode 100755
index 0000000..bfd3f0c
--- /dev/null
+++ b/bin/generate_self_signed_cert
@@ -0,0 +1,55 @@
+#!/bin/bash
+# = Parabola Social
+# Generates a self-signed certificate and installs it.
+# From: http://www.akadia.com/services/ssh_test_certificate.html
+
+# This script is released in the Public Domain.
+
+# Exit status:
+# 0 - Everything OK
+# 1 - Private key generation failed
+# 2 - CSR generation failed
+# 3 - Copying the encrypted key failed
+# 4 - Private key decryption failed
+# 5 - CSR signing failed
+# 6 - Linking local key failed
+# 7 - Linking local certificate failed
+
+# Standard Arch's SSL directories
+ssl_dir=/etc/ssl
+ssl_key_dir=${ssl_dir}/private
+ssl_crt_dir=${ssl_dir}/certs
+
+# Hostname should be already set
+hostname=`hostname`
+
+echo ":: Generating a private key.
+ The generated file *must not be shared* with anyone. It's private."
+openssl genrsa -des3 \
+ -out ${ssl_dir}/${hostname}.key 1024 || exit 1
+
+echo ":: Generating a Certificate Signing Request.
+ This can be signed by you or by a Certificate Authority."
+openssl req -new \
+ -key ${ssl_dir}/${hostname}.key \
+ -out ${ssl_dir}/${hostname}.csr || exit 2
+
+cp ${ssl_dir}/${hostname}.key{,.encrypted} || exit 3
+
+echo ":: Decrypting the private key..."
+openssl rsa -in ${ssl_dir}/${hostname}.key.encrypted \
+ -out ${ssl_key_dir}/${hostname}.key || exit 4
+
+echo ":: Signing the Certificate Signing Request.
+ This step will generate your self-signed certificate to use on secure connections."
+openssl x509 -req \
+ -days 365 \
+ -in ${ssl_dir}/${hostname}.csr \
+ -signkey ${ssl_key_dir}/${hostname}.key \
+ -out ${ssl_crt_dir}/${hostname}.crt || exit 5
+
+echo ":: Installing private key and certificate into local directories."
+ln -s ${ssl_key_dir}/${hostname}.key ${ssl_key_dir}/local.key || exit 6
+ln -s ${ssl_crt_dir}/${hostname}.crt ${ssl_crt_dir}/local.crt || exit 7
+
+exit 0
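Review bot: The `openssl genrsa` call requests a 1024-bit RSA key, which is below the 2048-bit minimum that current guidance expects for a TLS certificate; the size argument should be raised, as in `-out ${ssl_dir}/${hostname}.key 2048 || exit 1`. The decrypted key that `openssl rsa` writes into `${ssl_key_dir}` is created with whatever mode the caller's umask and the installed OpenSSL version yield, so put `umask 077` before the first openssl call to keep it from being group- or world-readable. The script also leaves `${hostname}.key`, `${hostname}.key.encrypted` and `${hostname}.csr` in `${ssl_dir}` itself; consider creating them under `${ssl_key_dir}` or removing them once the certificate is signed. None of the path expansions are quoted, and a second run will stop at exit 6 because `ln -s` refuses to replace the existing `local.key` link; quoting the paths and using `ln -sf` would address both.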