Diffstat (limited to 'scripts/ds-openssl-create.sh')
-rwxr-xr-x | scripts/ds-openssl-create.sh | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/scripts/ds-openssl-create.sh b/scripts/ds-openssl-create.sh
new file mode 100755
index 0000000..3cfe71c
--- /dev/null
+++ b/scripts/ds-openssl-create.sh
@@ -0,0 +1,25 @@
+#!/bin/sh -x
+
+cp password.txt /etc/dirsrv/slapd-pki-tomcat/password.txt
+chown nobody.nobody /etc/dirsrv/slapd-pki-tomcat/password.txt
+chmod 400 /etc/dirsrv/slapd-pki-tomcat/password.txt
+echo "Internal (Software) Token:`cat /etc/dirsrv/slapd-pki-tomcat/password.txt`" > /etc/dirsrv/slapd-pki-tomcat/pin.txt
+chown nobody.nobody /etc/dirsrv/slapd-pki-tomcat/pin.txt
+chmod 400 /etc/dirsrv/slapd-pki-tomcat/pin.txt
+
+# generate CA certificate
+#openssl req -newkey rsa:2048 -keyout dsca.key -nodes -x509 -out dsca.pem -subj "/CN=CAcert" -days 365
+#openssl pkcs12 -export -in dsca.pem -inkey dsca.key -out dsca.p12 -name "CA certificate" -passout pass:Secret123
+#pk12util -i dsca.p12 -d /etc/dirsrv/slapd-pki-tomcat -k /etc/dirsrv/slapd-pki-tomcat/pwdfile.txt -W Secret123
+#certutil -M -d /etc/dirsrv/slapd-pki-tomcat -n "CA certificate" -t "CTu,u,u"
+
+# generate server certificate
+#openssl req -newkey rsa:2048 -keyout ds.key -nodes -new -out ds.csr -subj "/CN=$HOSTNAME" -days 365
+#openssl x509 -req -in ds.csr -CA dsca.pem -CAkey dsca.key -CAcreateserial -out ds.pem
+#openssl pkcs12 -export -in ds.pem -inkey ds.key -out ds.p12 -name "Server-Cert" -passout pass:Secret123
+#pk12util -i ds.p12 -d /etc/dirsrv/slapd-pki-tomcat -k /etc/dirsrv/slapd-pki-tomcat/pwdfile.txt -W Secret123
+
+openssl req -newkey rsa:2048 -keyout ds.key -nodes -x509 -out ds.crt -subj "/CN=$HOSTNAME" -days 365
+openssl pkcs12 -export -in ds.crt -inkey ds.key -out ds.p12 -name "DS Certificate" -passout file:/etc/dirsrv/slapd-pki-tomcat/password.txt
+pk12util -i ds.p12 -d /etc/dirsrv/slapd-pki-tomcat -k /etc/dirsrv/slapd-pki-tomcat/password.txt -w /etc/dirsrv/slapd-pki-tomcat/password.txt
+certutil -M -d /etc/dirsrv/slapd-pki-tomcat -n "DS Certificate" -t "CT,C,C" |
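Review bot: The `-x` on the shebang line traces every command after expansion, so the `echo "Internal (Software) Token:..."` line prints the directory server password to stderr and into any captured build or CI log; drop the flag (`#!/bin/sh`) or bracket that line with `set +x` and `set -x`. `password.txt` and `pin.txt` are also created under the default umask and only narrowed afterwards by `chmod 400`, which may leave a short window where other local users can read them; a `umask 077` before the `cp` closes it. `openssl req -nodes` writes the unencrypted `ds.key` (and later `ds.p12`) into the working directory and nothing removes them after the `pk12util` import, so the script should delete them or generate them inside a `mktemp -d` directory. With no `set -e`, a failed `cp` does not stop the later steps, and `$HOSTNAME` is not guaranteed to be set when `/bin/sh` is not bash, which would produce an empty CN.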