docker-mailserver/target/bin/generate-ssl-certificate

#! /bin/bash

set -e

# check if FQDN was passed as arguement in setup.sh
if [[ -z ${1} ]]
then
  FQDN="$(hostname --fqdn)"
else
  FQDN="${1}"
fi

SSL_CFG_PATH="/tmp/docker-mailserver/ssl"

if [[ ! -d ${SSL_CFG_PATH} ]]
then
  mkdir --parents "${SSL_CFG_PATH}"
fi

cd "${SSL_CFG_PATH}" || { echo "cd ${SSL_CFG_PATH} error" ; exit ; }

# Create CA certificate
/usr/lib/ssl/misc/CA.pl -newca

# Create an unpassworded private key and create an unsigned public key certificate
openssl req -new -nodes -keyout "${SSL_CFG_PATH}"/"${FQDN}"-key.pem -out "${SSL_CFG_PATH}"/"${FQDN}"-req.pem -days 3652

# Sign the public key certificate with CA certificate
openssl ca -out "${SSL_CFG_PATH}"/"${FQDN}"-cert.pem -infiles "${SSL_CFG_PATH}"/"${FQDN}"-req.pem

# Combine certificates for courier
cat "${SSL_CFG_PATH}"/"${FQDN}"-key.pem "${SSL_CFG_PATH}"/"${FQDN}"-cert.pem > "${SSL_CFG_PATH}"/"${FQDN}"-combined.pem
Complete Refactor for `target/bin` (#1654) * documentation and script updates trying to fix #1647 * preparations for refactoring target/bin/ * complete refactor for target/bin/ * changing script output slightly * outsourcing functions in `bin-helper.sh` * re-wrote linting to allow for proper shellcheck -x execution * show explanation for shellcheck ignore * adding some more information 2020-10-21 16:16:32 +00:00			`#! /bin/bash`
Added a way to generate and configure a specific SSL certificate for postfix #14 2015-08-18 11:13:08 +00:00
Fixed self-signed cert generation (#1183) Added optional FQDN arguement to setup.sh script which avoids using temporary container hostname for cert names. Also fixed issue with certs being saved outside config volume 2019-07-29 09:14:36 +00:00			`set -e`
Fixes #14 with SSL configuration 2015-08-18 18:43:42 +00:00
Fixed self-signed cert generation (#1183) Added optional FQDN arguement to setup.sh script which avoids using temporary container hostname for cert names. Also fixed issue with certs being saved outside config volume 2019-07-29 09:14:36 +00:00			`# check if FQDN was passed as arguement in setup.sh`
Complete Refactor for `target/bin` (#1654) * documentation and script updates trying to fix #1647 * preparations for refactoring target/bin/ * complete refactor for target/bin/ * changing script output slightly * outsourcing functions in `bin-helper.sh` * re-wrote linting to allow for proper shellcheck -x execution * show explanation for shellcheck ignore * adding some more information 2020-10-21 16:16:32 +00:00			`if [[ -z ${1} ]]`
			`then`
			`FQDN="$(hostname --fqdn)"`
Fixed self-signed cert generation (#1183) Added optional FQDN arguement to setup.sh script which avoids using temporary container hostname for cert names. Also fixed issue with certs being saved outside config volume 2019-07-29 09:14:36 +00:00			`else`
Complete Refactor for `target/bin` (#1654) * documentation and script updates trying to fix #1647 * preparations for refactoring target/bin/ * complete refactor for target/bin/ * changing script output slightly * outsourcing functions in `bin-helper.sh` * re-wrote linting to allow for proper shellcheck -x execution * show explanation for shellcheck ignore * adding some more information 2020-10-21 16:16:32 +00:00			`FQDN="${1}"`
Fixed self-signed cert generation (#1183) Added optional FQDN arguement to setup.sh script which avoids using temporary container hostname for cert names. Also fixed issue with certs being saved outside config volume 2019-07-29 09:14:36 +00:00			`fi`

Complete Refactor for `target/bin` (#1654) * documentation and script updates trying to fix #1647 * preparations for refactoring target/bin/ * complete refactor for target/bin/ * changing script output slightly * outsourcing functions in `bin-helper.sh` * re-wrote linting to allow for proper shellcheck -x execution * show explanation for shellcheck ignore * adding some more information 2020-10-21 16:16:32 +00:00			`SSL_CFG_PATH="/tmp/docker-mailserver/ssl"`
Fixed self-signed cert generation (#1183) Added optional FQDN arguement to setup.sh script which avoids using temporary container hostname for cert names. Also fixed issue with certs being saved outside config volume 2019-07-29 09:14:36 +00:00
Complete Refactor for `target/bin` (#1654) * documentation and script updates trying to fix #1647 * preparations for refactoring target/bin/ * complete refactor for target/bin/ * changing script output slightly * outsourcing functions in `bin-helper.sh` * re-wrote linting to allow for proper shellcheck -x execution * show explanation for shellcheck ignore * adding some more information 2020-10-21 16:16:32 +00:00			`if [[ ! -d ${SSL_CFG_PATH} ]]`
			`then`
Make directory with parent directories (#1862) 2021-03-23 13:50:29 +00:00			`mkdir --parents "${SSL_CFG_PATH}"`
Fixed self-signed cert generation (#1183) Added optional FQDN arguement to setup.sh script which avoids using temporary container hostname for cert names. Also fixed issue with certs being saved outside config volume 2019-07-29 09:14:36 +00:00			`fi`

Complete Refactor for `target/bin` (#1654) * documentation and script updates trying to fix #1647 * preparations for refactoring target/bin/ * complete refactor for target/bin/ * changing script output slightly * outsourcing functions in `bin-helper.sh` * re-wrote linting to allow for proper shellcheck -x execution * show explanation for shellcheck ignore * adding some more information 2020-10-21 16:16:32 +00:00			`cd "${SSL_CFG_PATH}" \|\| { echo "cd ${SSL_CFG_PATH} error" ; exit ; }`

Fixes #14 with SSL configuration 2015-08-18 18:43:42 +00:00			`# Create CA certificate`
			`/usr/lib/ssl/misc/CA.pl -newca`
Complete Refactor for `target/bin` (#1654) * documentation and script updates trying to fix #1647 * preparations for refactoring target/bin/ * complete refactor for target/bin/ * changing script output slightly * outsourcing functions in `bin-helper.sh` * re-wrote linting to allow for proper shellcheck -x execution * show explanation for shellcheck ignore * adding some more information 2020-10-21 16:16:32 +00:00
Fixes #14 with SSL configuration 2015-08-18 18:43:42 +00:00			`# Create an unpassworded private key and create an unsigned public key certificate`
Complete Refactor for `target/bin` (#1654) * documentation and script updates trying to fix #1647 * preparations for refactoring target/bin/ * complete refactor for target/bin/ * changing script output slightly * outsourcing functions in `bin-helper.sh` * re-wrote linting to allow for proper shellcheck -x execution * show explanation for shellcheck ignore * adding some more information 2020-10-21 16:16:32 +00:00			`openssl req -new -nodes -keyout "${SSL_CFG_PATH}"/"${FQDN}"-key.pem -out "${SSL_CFG_PATH}"/"${FQDN}"-req.pem -days 3652`

Fixes #14 with SSL configuration 2015-08-18 18:43:42 +00:00			`# Sign the public key certificate with CA certificate`
Complete Refactor for `target/bin` (#1654) * documentation and script updates trying to fix #1647 * preparations for refactoring target/bin/ * complete refactor for target/bin/ * changing script output slightly * outsourcing functions in `bin-helper.sh` * re-wrote linting to allow for proper shellcheck -x execution * show explanation for shellcheck ignore * adding some more information 2020-10-21 16:16:32 +00:00			`openssl ca -out "${SSL_CFG_PATH}"/"${FQDN}"-cert.pem -infiles "${SSL_CFG_PATH}"/"${FQDN}"-req.pem`

Fixes #14 with SSL configuration 2015-08-18 18:43:42 +00:00			`# Combine certificates for courier`
Complete Refactor for `target/bin` (#1654) * documentation and script updates trying to fix #1647 * preparations for refactoring target/bin/ * complete refactor for target/bin/ * changing script output slightly * outsourcing functions in `bin-helper.sh` * re-wrote linting to allow for proper shellcheck -x execution * show explanation for shellcheck ignore * adding some more information 2020-10-21 16:16:32 +00:00			`cat "${SSL_CFG_PATH}"/"${FQDN}"-key.pem "${SSL_CFG_PATH}"/"${FQDN}"-cert.pem > "${SSL_CFG_PATH}"/"${FQDN}"-combined.pem`