3 # Generates a self-signed certificate.
4 # Edit dovecot-openssl.cnf before running this.
8 OPENSSL=${OPENSSL-openssl}
9 SSLDIR=${SSLDIR-/etc/ssl}
10 OPENSSLCONFIG=${OPENSSLCONFIG-/usr/share/dovecot-cn/dovecot-openssl.cnf}
12 CERTKEYDIR=/etc/dovecot/private
14 CERTFILE=$CERTKEYDIR/dovecot.pem
15 KEYFILE=$CERTKEYDIR/dovecot.key
17 if [ ! -d $CERTKEYDIR ]; then
18 echo "$SSLDIR/certs directory doesn't exist"
22 if [ ! -d $CERTKEYDIR ]; then
23 echo "$SSLDIR/private directory doesn't exist"
27 if [ -f $CERTFILE ]; then
28 echo "$CERTFILE already exists, won't overwrite"
32 if [ -f $KEYFILE ]; then
33 echo "$KEYFILE already exists, won't overwrite"
37 $OPENSSL req -new -x509 -nodes -config $OPENSSLCONFIG -out $CERTFILE -keyout $KEYFILE -days 365 || exit 2
40 $OPENSSL x509 -subject -fingerprint -noout -in $CERTFILE || exit 2