From b37d61848e087e392fd3b3b52044fe1832c07c1f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicol=C3=A1s=20Reynolds?= Date: Sun, 24 Oct 2010 04:44:58 -0300 Subject: Added script for generating self-signed certificates --- bin/generate_self_signed_cert | 55 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100755 bin/generate_self_signed_cert (limited to 'bin/generate_self_signed_cert') diff --git a/bin/generate_self_signed_cert b/bin/generate_self_signed_cert new file mode 100755 index 0000000..bfd3f0c --- /dev/null +++ b/bin/generate_self_signed_cert @@ -0,0 +1,55 @@ +#!/bin/bash +# = Parabola Social +# Generates a self-signed certificate and installs it. +# From: http://www.akadia.com/services/ssh_test_certificate.html + +# This script is released in the Public Domain. + +# Exit status: +# 0 - Everything OK +# 1 - Private key generation failed +# 2 - CSR generation failed +# 3 - Copying the encrypted key failed +# 4 - Private key decryption failed +# 5 - CSR signing failed +# 6 - Linking local key failed +# 7 - Linking local certificate failed + +# Standard Arch's SSL directories +ssl_dir=/etc/ssl +ssl_key_dir=${ssl_dir}/private +ssl_crt_dir=${ssl_dir}/certs + +# Hostname should be already set +hostname=`hostname` + +echo ":: Generating a private key. + The generated file *must not be shared* with anyone. It's private." +openssl genrsa -des3 \ + -out ${ssl_dir}/${hostname}.key 1024 || exit 1 + +echo ":: Generating a Certificate Signing Request. + This can be signed by you or by a Certificate Authority." +openssl req -new \ + -key ${ssl_dir}/${hostname}.key \ + -out ${ssl_dir}/${hostname}.csr || exit 2 + +cp ${ssl_dir}/${hostname}.key{,.encrypted} || exit 3 + +echo ":: Decrypting the private key..." +openssl rsa -in ${ssl_dir}/${hostname}.key.encrypted \ + -out ${ssl_key_dir}/${hostname}.key || exit 4 + +echo ":: Signing the Certificate Signing Request. + This step will generate your self-signed certificate to use on secure connections." +openssl x509 -req \ + -days 365 \ + -in ${ssl_dir}/${hostname}.csr \ + -signkey ${ssl_key_dir}/${hostname}.key \ + -out ${ssl_crt_dir}/${hostname}.crt || exit 5 + +echo ":: Installing private key and certificate into local directories." +ln -s ${ssl_key_dir}/${hostname}.key ${ssl_key_dir}/local.key || exit 6 +ln -s ${ssl_crt_dir}/${hostname}.crt ${ssl_crt_dir}/local.crt || exit 7 + +exit 0 -- cgit v1.2.2