mkcert.sh

   1 #!/bin/sh
   2
   3 # Generates a self-signed certificate.
   4 # Edit dovecot-openssl.cnf before running this.
   5 # edit by Zeljko Boros
   6
   7 umask 077
   8 OPENSSL=${OPENSSL-openssl}
   9 SSLDIR=${SSLDIR-/etc/ssl}
  10 OPENSSLCONFIG=${OPENSSLCONFIG-/usr/share/dovecot-cn/dovecot-openssl.cnf}
  11
  12 CERTKEYDIR=/etc/dovecot/private
  13
  14 CERTFILE=$CERTKEYDIR/dovecot.pem
  15 KEYFILE=$CERTKEYDIR/dovecot.key
  16
  17 if [ ! -d $CERTKEYDIR ]; then
  18   echo "$SSLDIR/certs directory doesn't exist"
  19   exit 1
  20 fi
  21
  22 if [ ! -d $CERTKEYDIR ]; then
  23   echo "$SSLDIR/private directory doesn't exist"
  24   exit 1
  25 fi
  26
  27 if [ -f $CERTFILE ]; then
  28   echo "$CERTFILE already exists, won't overwrite"
  29   exit 1
  30 fi
  31
  32 if [ -f $KEYFILE ]; then
  33   echo "$KEYFILE already exists, won't overwrite"
  34   exit 1
  35 fi
  36
  37 $OPENSSL req -new -x509 -nodes -config $OPENSSLCONFIG -out $CERTFILE -keyout $KEYFILE -days 365 || exit 2
  38 chmod 0600 $KEYFILE
  39 echo
  40 $OPENSSL x509 -subject -fingerprint -noout -in $CERTFILE || exit 2