A little more verbose on SSL context error; script for creating daemon certs
diff --git a/scripts/domtool-addcert-daemon b/scripts/domtool-addcert-daemon
new file mode 100755 (executable)
index 0000000..96242f4
--- /dev/null
@@ -0,0 +1,28 @@
+#!/bin/sh -e
+
+  KEYDIR=/afs/hcoop.net/common/etc/domtool/keys/$1
+ KEYFILE=$KEYDIR/key.pem
+CERTFILE=/afs/hcoop.net/common/etc/domtool/certs/$1.pem
+  NEWREQ=~/.newreq.pem
+     NEW=~/.new.pem
+   KEYIN=~/.keyin
+
+mkdir $KEYDIR || echo Already exists
+openssl genrsa -out $KEYFILE
+chown -R domtool.domtool $KEYDIR
+echo "." >$KEYIN
+echo "." >>$KEYIN
+echo "." >>$KEYIN
+echo "." >>$KEYIN
+echo "." >>$KEYIN
+echo "$1" >>$KEYIN
+echo "$1@hcoop.net" >>$KEYIN
+echo "" >>$KEYIN
+echo "" >>$KEYIN
+openssl req -new -key $KEYFILE -out $NEWREQ -days 365 <$KEYIN
+rm $KEYIN
+cat $NEWREQ $KEYFILE >$NEW
+rm $NEWREQ
+openssl ca -batch -config /etc/domtool/openssl.cnf -policy policy_anything -out $CERTFILE -infiles $NEW
+rm $NEW
+chown domtool.domtool $CERTFILE
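Review bot: `cat $NEWREQ $KEYFILE >$NEW` writes a second copy of the daemon's private key to the fixed path `~/.new.pem`, and because the script runs under `-e`, a failing `openssl ca` exits before `rm $NEW` and leaves that copy behind. `openssl ca` should only need the certificate request from `-infiles`, so (worth confirming against the local CA setup) the request file can be passed directly and the key never leaves `$KEYDIR`. `$1` is also used unquoted and unchecked: with no argument `KEYDIR` becomes the keys directory itself and `chown -R` runs on the whole of it, and a name containing `..` resolves outside it. The sketch below rejects such names, uses `mktemp` files removed by an `EXIT` trap, and quotes the expansions; it also drops `-days 365`, which as far as I know has no effect on `openssl req -new` without `-x509`.

```shell
# … unchanged: shebang …
case "$1" in
  ''|*/*|.*) echo "usage: $0 daemon-name" >&2; exit 1 ;;
esac
# … unchanged: KEYDIR, KEYFILE, CERTFILE assignments …
NEWREQ=$(mktemp)
KEYIN=$(mktemp)
trap 'rm -f "$NEWREQ" "$KEYIN"' EXIT
# … unchanged: mkdir, genrsa, chown of $KEYDIR, answers written to $KEYIN …
openssl req -new -key "$KEYFILE" -out "$NEWREQ" <"$KEYIN"
openssl ca -batch -config /etc/domtool/openssl.cnf -policy policy_anything -out "$CERTFILE" -infiles "$NEWREQ"
# … unchanged: chown of $CERTFILE …
```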