]>
git.ipfire.org Git - people/pmueller/ipfire-2.x.git/blob - src/initscripts/system/apache
2 ###############################################################################
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2007-2022 IPFire Team <info@ipfire.org> #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
20 ###############################################################################
25 generate_certificates
() {
26 if [ ! -f "/etc/httpd/server.key" ]; then
27 boot_mesg
"Generating HTTPS RSA server key (this will take a moment)..."
28 openssl genrsa
-out /etc
/httpd
/server.key
4096 &>/dev
/null
29 chmod 600 /etc
/httpd
/server.key
33 if [ ! -f "/etc/httpd/server-ecdsa.key" ]; then
34 boot_mesg
"Generating HTTPS ECDSA server key..."
35 openssl ecparam
-genkey -name secp384r1
-noout \
36 -out /etc
/httpd
/server-ecdsa.key
&>/dev
/null
37 chmod 600 /etc
/httpd
/server-ecdsa.key
42 if [ ! -f "/etc/httpd/server.csr" ]; then
43 sed "s/HOSTNAME/`hostname -f`/" < /etc
/certparams | \
44 openssl req
-new -key /etc
/httpd
/server.key \
45 -out /etc
/httpd
/server.csr
&>/dev
/null
49 if [ ! -f "/etc/httpd/server-ecdsa.csr" ]; then
50 sed "s/HOSTNAME/`hostname -f`/" < /etc
/certparams | \
51 openssl req
-new -key /etc
/httpd
/server-ecdsa.key \
52 -out /etc
/httpd
/server-ecdsa.csr
&>/dev
/null
55 if [ ! -f "/etc/httpd/server.crt" ]; then
56 boot_mesg
"Signing RSA certificate..."
57 openssl x509
-req -days 999999 -sha256 \
58 -in /etc
/httpd
/server.csr \
59 -signkey /etc
/httpd
/server.key \
60 -out /etc
/httpd
/server.crt
&>/dev
/null
64 if [ ! -f "/etc/httpd/server-ecdsa.crt" ]; then
65 boot_mesg
"Signing ECDSA certificate..."
66 openssl x509
-req -days 999999 -sha256 \
67 -in /etc
/httpd
/server-ecdsa.csr \
68 -signkey /etc
/httpd
/server-ecdsa.key \
69 -out /etc
/httpd
/server-ecdsa.crt
&>/dev
/null
76 # Generate all required certificates
80 echo "ServerName ${HOSTNAME}" > /etc
/httpd
/conf
/hostname.conf
82 boot_mesg
"Starting Apache daemon..."
83 /usr
/sbin
/apachectl
-k start
88 boot_mesg
"Stopping Apache daemon..."
89 /usr
/sbin
/apachectl
-k stop
99 boot_mesg
"Reloading Apache daemon..."
100 /usr
/sbin
/apachectl
-k graceful
105 statusproc
/usr
/sbin
/httpd
109 echo "Usage: $0 {start|stop|restart|status}"