From: Ivan Rako Date: Tue, 9 May 2017 13:46:00 +0000 (+0200) Subject: dodan openssl-dovecot.cnf X-Git-Tag: debian/1%2.2.13_cn1~2 X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=commitdiff_plain;h=6d2014011d422a5cd4d0a4de254a000a5e7a84ec;p=dovecot-cn.git dodan openssl-dovecot.cnf --- diff --git a/debian/install b/debian/install index 8fbdb23..d362fd6 100644 --- a/debian/install +++ b/debian/install @@ -1 +1,2 @@ -mkcert.sh usr/share/dovecot-cn +mkcert.sh usr/share/dovecot-cn +dovecot-openssl.cnf usr/share/dovecot-cn diff --git a/debian/postinst b/debian/postinst index 6ecc8f6..4cc3cb3 100755 --- a/debian/postinst +++ b/debian/postinst @@ -46,15 +46,16 @@ cp_check_and_sed 'ssl = no' \ if ! grep -q ^ssl_cert /etc/dovecot/conf.d/10-ssl.conf \ && ! grep -q ^ssl_key /etc/dovecot/conf.d/10-ssl.conf; then + + echo "CN: Generating certificate and key..." + /usr/share/dovecot-cn/mkcert.sh > /dev/null + cp_check_and_sed '#ssl_cert = /dev/null fi diff --git a/dovecot-openssl.cnf b/dovecot-openssl.cnf new file mode 100644 index 0000000..b2dfebf --- /dev/null +++ b/dovecot-openssl.cnf @@ -0,0 +1,31 @@ +[ req ] +default_bits = 1024 +encrypt_key = yes +distinguished_name = req_dn +x509_extensions = cert_type +prompt = no + +[ req_dn ] +# country (2 letter code) +#C=FI + +# State or Province Name (full name) +#ST= + +# Locality Name (eg. city) +#L=Helsinki + +# Organization (eg. company) +#O=Dovecot + +# Organizational Unit Name (eg. section) +OU=IMAP server + +# Common Name (*.example.com is also possible) +CN=imap.example.com + +# E-mail contact +emailAddress=postmaster@example.com + +[ cert_type ] +nsCertType = server diff --git a/mkcert.sh b/mkcert.sh index 3cd5a8a..3689b17 100755 --- a/mkcert.sh +++ b/mkcert.sh @@ -6,7 +6,7 @@ umask 077 OPENSSL=${OPENSSL-openssl} SSLDIR=${SSLDIR-/etc/ssl} -OPENSSLCONFIG=${OPENSSLCONFIG-dovecot-openssl.cnf} +OPENSSLCONFIG=${OPENSSLCONFIG-/usr/share/dovecot-cn/dovecot-openssl.cnf} CERTDIR=/etc/dovecot KEYDIR=/etc/dovecot/private