-mkcert.sh      usr/share/dovecot-cn
+mkcert.sh              usr/share/dovecot-cn
+dovecot-openssl.cnf    usr/share/dovecot-cn
 
 
 if ! grep -q ^ssl_cert /etc/dovecot/conf.d/10-ssl.conf \
   && ! grep -q ^ssl_key /etc/dovecot/conf.d/10-ssl.conf; then
+
+  echo "CN: Generating certificate and key..."
+  /usr/share/dovecot-cn/mkcert.sh > /dev/null
+
   cp_check_and_sed '#ssl_cert = </etc/dovecot/dovecot.pem' \
                   's|#ssl_cert = </etc/dovecot/dovecot.pem|ssl_cert = </etc/dovecot/dovecot.pem|g' \
                   /etc/dovecot/conf.d/10-ssl.conf || true
   cp_check_and_sed '#ssl_key = </etc/dovecot/private/dovecot.pem' \
                   's|#ssl_key = </etc/dovecot/private/dovecot.pem|ssl_key = </etc/dovecot/private/dovecot.pem|g' \
                   /etc/dovecot/conf.d/10-ssl.conf || true
-
-  echo "CN: Generating certificate and key..."
-  /usr/share/dovecot-cn/mkcert.sh > /dev/null
 fi
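Review bot: The new `/usr/share/dovecot-cn/mkcert.sh > /dev/null` call has no explicit failure handling, and the `cp_check_and_sed` lines that follow enable `ssl_cert` and `ssl_key` for files that may never have been written. The `|| true` on those lines suggests the script runs under `set -e`, but that setting is outside the hunk; if it is not active, a failed generation leaves Dovecot configured with missing key material. Making the dependency explicit would remove the doubt, for example `/usr/share/dovecot-cn/mkcert.sh > /dev/null || { echo "CN: certificate generation failed" >&2; exit 1; }`. Since mkcert.sh is not fully visible here, it is also worth confirming what it does when `/etc/dovecot/dovecot.pem` already exists, so that a re-run of the postinst neither aborts nor silently replaces a key the admin installed.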
 
 
 
--- /dev/null
+[ req ]
+default_bits = 1024
+encrypt_key = yes
+distinguished_name = req_dn
+x509_extensions = cert_type
+prompt = no
+
+[ req_dn ]
+# country (2 letter code)
+#C=FI
+
+# State or Province Name (full name)
+#ST=
+
+# Locality Name (eg. city)
+#L=Helsinki
+
+# Organization (eg. company)
+#O=Dovecot
+
+# Organizational Unit Name (eg. section)
+OU=IMAP server
+
+# Common Name (*.example.com is also possible)
+CN=imap.example.com
+
+# E-mail contact
+emailAddress=postmaster@example.com
+
+[ cert_type ]
+nsCertType = server
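Review bot: `default_bits = 1024` in `[ req ]` makes the packaged script generate a 1024-bit RSA key, which is below the 2048-bit minimum that current guidance and many TLS clients require; use `default_bits = 2048` or larger. The subject also ships as the placeholders `CN=imap.example.com` and `emailAddress=postmaster@example.com`, and the postinst generates the certificate from this file automatically, so the installed certificate will not match the real host unless the admin edits the file and regenerates. A header comment such as `# Placeholder subject: edit CN and regenerate, or replace with a CA-issued certificate before production use` would make that clear. `[ cert_type ]` sets only the legacy `nsCertType`, with no `subjectAltName`, which clients that ignore the CN for host-name checks will need.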
 
 umask 077
 OPENSSL=${OPENSSL-openssl}
 SSLDIR=${SSLDIR-/etc/ssl}
-OPENSSLCONFIG=${OPENSSLCONFIG-dovecot-openssl.cnf}
+OPENSSLCONFIG=${OPENSSLCONFIG-/usr/share/dovecot-cn/dovecot-openssl.cnf}
 
 CERTDIR=/etc/dovecot
 KEYDIR=/etc/dovecot/private