]> git.ipfire.org Git - ipfire-2.x.git/blobdiff - src/scripts/httpscert
projects / ipfire-2.x.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
pakfire: use correct tree on x86_64.
[ipfire-2.x.git] / src / scripts / httpscert
diff --git a/src/scripts/httpscert b/src/scripts/httpscert
index 2c5a928296e4d699ebd005381465505b98752b5c..e20f789ed4d8c2e52a9e8bc43f4c5f5c276e1a1b 100644 (file)
--- a/src/scripts/httpscert
+++ b/src/scripts/httpscert
@@ -1,30 +1,22 @@
 #!/bin/sh
 #
 #!/bin/sh
 #
-# $Id: httpscert,v 1.1.2.2 2005/12/15 21:59:57 eoberlander Exp $
 # new : generate new certificate
 # read: read issuer in certificate and verify if it is the same as hostname
 
 # See how we were called.
 case "$1" in
   new)
 # new : generate new certificate
 # read: read issuer in certificate and verify if it is the same as hostname
 
 # See how we were called.
 case "$1" in
   new)
-       # set temporary random file
-       export RANDFILE=/root/.rnd
        if [ ! -f /etc/httpd/server.key ]; then
                echo "Generating https server key."
        if [ ! -f /etc/httpd/server.key ]; then
                echo "Generating https server key."
-               /usr/bin/openssl genrsa -rand \
-                       /boot/vmlinuz:CONFIG_ROOT/ethernet/settings -out \
-                       /etc/httpd/server.key 1024
+               /usr/bin/openssl genrsa -out /etc/httpd/server.key 4096
        fi
        echo "Generating CSR"
        /bin/cat /etc/certparams | sed "s/HOSTNAME/`hostname -f`/" | /usr/bin/openssl \
                req -new -key /etc/httpd/server.key -out /etc/httpd/server.csr
        echo "Signing certificate"
        fi
        echo "Generating CSR"
        /bin/cat /etc/certparams | sed "s/HOSTNAME/`hostname -f`/" | /usr/bin/openssl \
                req -new -key /etc/httpd/server.key -out /etc/httpd/server.csr
        echo "Signing certificate"
-       /usr/bin/openssl x509 -req -days 999999 -in \
+       /usr/bin/openssl x509 -req -days 999999 -sha256 -in \
                /etc/httpd/server.csr -signkey /etc/httpd/server.key -out \
                /etc/httpd/server.crt
                /etc/httpd/server.csr -signkey /etc/httpd/server.key -out \
                /etc/httpd/server.crt
-       # unset and remove random file
-       export -n RANDFILE
-       rm -f /root/.rnd
        ;;
   read)
        if [ -f /etc/httpd/server.key -a -f /etc/httpd/server.crt -a -f /etc/httpd/server.csr ]; then
        ;;
   read)
        if [ -f /etc/httpd/server.key -a -f /etc/httpd/server.crt -a -f /etc/httpd/server.csr ]; then
IPFire 2.x development tree