X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=dovecot-cn.git;a=blobdiff_plain;f=mkcert.sh;fp=mkcert.sh;h=3cd5a8ab2992880fa6db1f7d0945d847b9f84dd5;hp=0000000000000000000000000000000000000000;hb=a80671d5f813a53e6199cd63c7db8e89ba8c0d87;hpb=6dc17094b6fc20a9b486d97ab393523c76a79f69

diff --git a/mkcert.sh b/mkcert.sh
new file mode 100755
index 0000000..3cd5a8a
--- /dev/null
+++ b/mkcert.sh
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+# Generates a self-signed certificate.
+# Edit dovecot-openssl.cnf before running this.
+
+umask 077
+OPENSSL=${OPENSSL-openssl}
+SSLDIR=${SSLDIR-/etc/ssl}
+OPENSSLCONFIG=${OPENSSLCONFIG-dovecot-openssl.cnf}
+
+CERTDIR=/etc/dovecot
+KEYDIR=/etc/dovecot/private
+
+CERTFILE=$CERTDIR/dovecot.pem
+KEYFILE=$KEYDIR/dovecot.pem
+
+if [ ! -d $CERTDIR ]; then
+  echo "$SSLDIR/certs directory doesn't exist"
+  exit 1
+fi
+
+if [ ! -d $KEYDIR ]; then
+  echo "$SSLDIR/private directory doesn't exist"
+  exit 1
+fi
+
+if [ -f $CERTFILE ]; then
+  echo "$CERTFILE already exists, won't overwrite"
+  exit 1
+fi
+
+if [ -f $KEYFILE ]; then
+  echo "$KEYFILE already exists, won't overwrite"
+  exit 1
+fi
+
+$OPENSSL req -new -x509 -nodes -config $OPENSSLCONFIG -out $CERTFILE -keyout $KEYFILE -days 365 || exit 2
+chmod 0600 $KEYFILE
+echo 
+$OPENSSL x509 -subject -fingerprint -noout -in $CERTFILE || exit 2