601969f Jun 18, 2010
executable file 49 lines (37 sloc) 810 Bytes
#!/bin/bash
#
# Copyright (c) Citrix Systems 2007, 2008. All rights reserved.
#
# Generate a ssl certificate file to use with stunnel
#
DIR=/tmp/ssl-generation-$$
FILE=$1
CN=$2
if [ -z "${CN}" ]; then
echo "usage: $0 <certname> <cn>"
exit 2
fi
if [ -e ${FILE} ]; then
echo "file already exists: cannot overwrite";
exit 3
fi
mkdir -p ${DIR}
chmod 700 ${DIR}
pushd ${DIR}
#config
cat <<@eof >config
[req] # openssl req params
prompt = no
distinguished_name = dn-param
[dn-param] # DN fields
CN = ${CN}
@eof
openssl genrsa 1024 > privkey.rsa
openssl req -batch -new -x509 -key privkey.rsa -days 3650 -config config -out cert.csr
openssl dhparam 512 > dh.pem
popd
(cat ${DIR}/privkey.rsa; echo ""; cat ${DIR}/cert.csr; \
echo ""; cat ${DIR}/dh.pem) > ${FILE}
chmod 400 ${FILE}
rm -rf ${DIR}
exit 0