]>
Commit | Line | Data |
---|---|---|
23104841 MT |
1 | #!/bin/sh |
2 | # Begin $rc_base/init.d/apache | |
3 | ||
4 | # Based on sysklogd script from LFS-3.1 and earlier. | |
5 | # Rewritten by Gerard Beekmans - gerard@linuxfromscratch.org | |
6 | ||
23104841 MT |
7 | . /etc/sysconfig/rc |
8 | . $rc_functions | |
9 | ||
9064ba72 AF |
10 | generate_certificates() { |
11 | if [ ! -f "/etc/httpd/server.key" ]; then | |
12 | boot_mesg "Generating HTTPS RSA server key (this will take a moment)..." | |
13 | openssl genrsa -out /etc/httpd/server.key 4096 &>/dev/null | |
14 | evaluate_retval | |
15 | fi | |
16 | ||
17 | if [ ! -f "/etc/httpd/server-ecdsa.key" ]; then | |
18 | boot_mesg "Generating HTTPS ECDSA server key..." | |
19 | openssl ecparam -genkey -name secp384r1 -noout \ | |
20 | -out /etc/httpd/server-ecdsa.key &>/dev/null | |
21 | evaluate_retval | |
22 | fi | |
23 | ||
24 | # Generate RSA CSR | |
25 | if [ ! -f "/etc/httpd/server.csr" ]; then | |
26 | sed "s/HOSTNAME/`hostname -f`/" < /etc/certparams | \ | |
27 | openssl req -new -key /etc/httpd/server.key \ | |
28 | -out /etc/httpd/server.csr &>/dev/null | |
29 | fi | |
30 | ||
31 | # Generate ECDSA CSR | |
32 | if [ ! -f "/etc/httpd/server-ecdsa.csr" ]; then | |
33 | sed "s/HOSTNAME/`hostname -f`/" < /etc/certparams | \ | |
34 | openssl req -new -key /etc/httpd/server-ecdsa.key \ | |
35 | -out /etc/httpd/server-ecdsa.csr &>/dev/null | |
36 | fi | |
37 | ||
38 | if [ ! -f "/etc/httpd/server.crt" ]; then | |
39 | boot_mesg "Signing RSA certificate..." | |
40 | openssl x509 -req -days 999999 -sha256 \ | |
41 | -in /etc/httpd/server.csr \ | |
42 | -signkey /etc/httpd/server.key \ | |
43 | -out /etc/httpd/server.crt &>/dev/null | |
44 | evaluate_retval | |
45 | fi | |
46 | ||
47 | if [ ! -f "/etc/httpd/server-ecdsa.crt" ]; then | |
48 | boot_mesg "Signing ECDSA certificate..." | |
49 | openssl x509 -req -days 999999 -sha256 \ | |
50 | -in /etc/httpd/server-ecdsa.csr \ | |
51 | -signkey /etc/httpd/server-ecdsa.key \ | |
52 | -out /etc/httpd/server-ecdsa.crt &>/dev/null | |
53 | evaluate_retval | |
54 | fi | |
55 | } | |
56 | ||
23104841 MT |
57 | case "$1" in |
58 | start) | |
9064ba72 AF |
59 | # Generate all required certificates |
60 | generate_certificates | |
61 | ||
75474c3c | 62 | boot_mesg "Starting Apache daemon..." |
23104841 MT |
63 | /usr/sbin/apachectl -k start |
64 | evaluate_retval | |
65 | ;; | |
66 | ||
67 | stop) | |
68 | boot_mesg "Stopping Apache daemon..." | |
69 | /usr/sbin/apachectl -k stop | |
70 | evaluate_retval | |
71 | ;; | |
72 | ||
73 | restart) | |
74 | boot_mesg "Restarting Apache daemon..." | |
75 | /usr/sbin/apachectl -k restart | |
76 | evaluate_retval | |
77 | ;; | |
256575b3 CS |
78 | |
79 | reload) | |
80 | boot_mesg "Reloading Apache daemon..." | |
81 | /usr/sbin/apachectl -k graceful | |
82 | evaluate_retval | |
83 | ;; | |
23104841 MT |
84 | |
85 | status) | |
86 | statusproc /usr/sbin/httpd | |
87 | ;; | |
88 | ||
89 | *) | |
90 | echo "Usage: $0 {start|stop|restart|status}" | |
91 | exit 1 | |
92 | ;; | |
93 | esac | |
94 | ||
95 | # End $rc_base/init.d/apache |