Skip to content
Permalink
Browse files

Create sslsilent Makefile option (#817)

* Create sslsilent Makefile option
This allows Eggdrop to generate SSL certificates without human intervention,
good for scripts and testing. Uses preset values for O, OU, and CN
* Bonus- typo fix!
  • Loading branch information...
vanosg committed Jun 25, 2019
1 parent a268c32 commit a2ae98978c46a455832ee223886f3127df457026
Showing with 17 additions and 4 deletions.
  1. +9 −3 Makefile.in
  2. +5 −0 doc/sphinx_source/installAndSetup/install.rst
  3. +3 −1 doc/sphinx_source/mainDocs/tls.rst
@@ -298,7 +298,7 @@ install-end = echo "" && echo "Installation completed." && echo "" && \
echo "Remember to change directory to $(DEST) before you proceed." && \
echo ""

sslcert:
sslstart:
@if test ! -d $(DEST); then \
echo "You haven't installed eggdrop yet, or you installed using the DEST= flag.";\
echo "Please run \"make install\" first.";\
@@ -310,8 +310,14 @@ sslcert:
fi && \
if test -f $(DEST)/eggdrop.crt; then \
cp $(DEST)/eggdrop.crt $(DEST)/eggdrop.crt~old; \
fi && \
openssl req -new -x509 -nodes -days 365 -keyout $(DEST)/eggdrop.key -out $(DEST)/eggdrop.crt -config ssl.conf; \
fi

sslcert: sslstart
openssl req -new -x509 -nodes -days 365 -keyout $(DEST)/eggdrop.key -out $(DEST)/eggdrop.crt -config ssl.conf

sslsilent: sslstart
openssl req -new -x509 -nodes -days 365 -keyout $(DEST)/eggdrop.key -out $(DEST)/eggdrop.crt -config ssl.conf \
-subj "/O=Eggheads/OU=Eggdrop/CN=Self-generated Eggdrop Certificate"

install: ainstall

@@ -88,6 +88,11 @@ Eggdrop uses the GNU autoconfigure scripts to make things easier.

make sslcert DEST=<directory>

For those using scripts to install Eggdrop, you can non-interactively
generate a key and certificate by running:

make sslsilent

Read docs/TLS for more info on this process.

6. Edit your config file completely.
@@ -115,7 +115,9 @@ The easy way to create a key and a certificate is to type 'make sslcert'
after compiling your bot (If you installed eggdrop to a non-standard
location, use make sslcert DEST=/path/to/eggdrop). This will generate a
4096-bit private key (eggdrop.key) and a certificate (eggdrop.crt) after
you fill in therequired fields.
you fill in the required fields. Alternatively, you can use 'make sslsilent'
to generate a key and certificate non-interactively, using pre-set values.
This is useful when installing Eggdrop via a scripted process.

To authenticate with a certificate instead of using password, you should
make a ssl certificate for yourself and enable ssl-cert-auth in the config

0 comments on commit a2ae989

Please sign in to comment.
You can’t perform that action at this time.