docker-mailserver/target/bin/generate-ssl-certificate

33 lines
903 B
Bash
Executable file

#! /bin/bash
set -e
# check if FQDN was passed as arguement in setup.sh
if [[ -z ${1} ]]
then
FQDN="$(hostname --fqdn)"
else
FQDN="${1}"
fi
SSL_CFG_PATH="/tmp/docker-mailserver/ssl"
if [[ ! -d ${SSL_CFG_PATH} ]]
then
mkdir --parents "${SSL_CFG_PATH}"
fi
cd "${SSL_CFG_PATH}" || { echo "cd ${SSL_CFG_PATH} error" ; exit ; }
# Create CA certificate
/usr/lib/ssl/misc/CA.pl -newca
# Create an unpassworded private key and create an unsigned public key certificate
openssl req -new -nodes -keyout "${SSL_CFG_PATH}"/"${FQDN}"-key.pem -out "${SSL_CFG_PATH}"/"${FQDN}"-req.pem -days 3652
# Sign the public key certificate with CA certificate
openssl ca -out "${SSL_CFG_PATH}"/"${FQDN}"-cert.pem -infiles "${SSL_CFG_PATH}"/"${FQDN}"-req.pem
# Combine certificates for courier
cat "${SSL_CFG_PATH}"/"${FQDN}"-key.pem "${SSL_CFG_PATH}"/"${FQDN}"-cert.pem > "${SSL_CFG_PATH}"/"${FQDN}"-combined.pem