Return to tog-pegasus-genSSLCerts.spec CVS log | Up to [Pegasus] / pegasus / rpm / tog-specfiles |
1 karl 1.2 #//%2006//////////////////////////////////////////////////////////////////////// 2 #// 3 #// Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development 4 #// Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems. 5 #// Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.; 6 #// IBM Corp.; EMC Corporation, The Open Group. 7 #// Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.; 8 #// IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group. 9 #// Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.; 10 #// EMC Corporation; VERITAS Software Corporation; The Open Group. 11 #// Copyright (c) 2006 Hewlett-Packard Development Company, L.P.; IBM Corp.; 12 #// EMC Corporation; Symantec Corporation; The Open Group. 13 #// 14 #// Permission is hereby granted, free of charge, to any person obtaining a copy 15 #// of this software and associated documentation files (the "Software"), to 16 #// deal in the Software without restriction, including without limitation the 17 #// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or 18 #// sell copies of the Software, and to permit persons to whom the Software is 19 #// furnished to do so, subject to the following conditions: 20 #// 21 #// THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN 22 karl 1.2 #// ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED 23 #// "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT 24 #// LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR 25 #// PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT 26 #// HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN 27 #// ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION 28 #// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 29 #// 30 #//============================================================================== | ||
31 denise.eckstein 1.1 # 32 # Set up OpenSSL certificates for the tog-pegasus cimserver 33 # 34 # Creates a default ssl.cnf file. 35 # Generates a self-signed certificate for use by the cimserver. 36 # 37 cnfChanged=0; 38 if [ ! -e $PEGASUS_CONFIG_DIR/ssl.cnf ]; then 39 mkdir -p ${PEGASUS_INSTALL_LOG%/*} 40 mkdir -p $PEGASUS_CONFIG_DIR 41 echo "[ req ]" > $PEGASUS_CONFIG_DIR/ssl.cnf 42 echo "distinguished_name = req_distinguished_name" >> \ 43 $PEGASUS_CONFIG_DIR/ssl.cnf 44 echo "prompt = no" >> $PEGASUS_CONFIG_DIR/ssl.cnf 45 echo "[ req_distinguished_name ]" >> $PEGASUS_CONFIG_DIR/ssl.cnf 46 echo "C = UK" >> $PEGASUS_CONFIG_DIR/ssl.cnf 47 echo "ST = Berkshire" >> $PEGASUS_CONFIG_DIR/ssl.cnf 48 echo "L = Reading" >> $PEGASUS_CONFIG_DIR/ssl.cnf 49 echo "O = The Open Group" >> \ 50 $PEGASUS_CONFIG_DIR/ssl.cnf 51 echo "OU = The OpenPegasus Project" >> \ 52 denise.eckstein 1.1 $PEGASUS_CONFIG_DIR/ssl.cnf 53 DN=`hostname`; 54 if [ -z "$DN" ] || [ "$DN" = "(none)" ]; then 55 DN='localhost.localdomain'; 56 fi; 57 FQDN=`{ host -W1 $DN 2>/dev/null || echo "$DN has address "; } |\ 58 grep 'has address' | head -1 | sed 's/\ .*$//'`; 59 if [ -z "$FQDN" ] ; then 60 FQDN="$DN"; 61 fi; 62 # cannot use 'hostname --fqdn' because this can hang indefinitely 63 echo "CN = $FQDN" >> $PEGASUS_CONFIG_DIR/ssl.cnf 64 chmod 400 $PEGASUS_CONFIG_DIR/ssl.cnf 65 chown root $PEGASUS_CONFIG_DIR/ssl.cnf 66 chgrp root $PEGASUS_CONFIG_DIR/ssl.cnf 67 cnfChanged=1; 68 fi 69 if [ $cnfChanged -eq 1 ] || \ 70 [ ! -e $PEGASUS_PEM_DIR/$PEGASUS_SSL_CERT_FILE ] || \ 71 [ ! -e $PEGASUS_PEM_DIR/$PEGASUS_SSL_KEY_FILE ]; then 72 /usr/bin/openssl req -x509 -days 3650 -newkey rsa:2048 \ 73 denise.eckstein 1.1 -nodes -config $PEGASUS_CONFIG_DIR/ssl.cnf \ 74 -keyout $PEGASUS_PEM_DIR/key.pem \ 75 -out $PEGASUS_PEM_DIR/cert.pem 2>>$PEGASUS_INSTALL_LOG 76 chmod 700 $PEGASUS_PEM_DIR/*.pem 77 cp -fp $PEGASUS_PEM_DIR/cert.pem \ 78 $PEGASUS_PEM_DIR/$PEGASUS_SSL_CERT_FILE 79 cp -fp $PEGASUS_PEM_DIR/key.pem \ 80 $PEGASUS_PEM_DIR/$PEGASUS_SSL_KEY_FILE 81 chmod 400 $PEGASUS_PEM_DIR/$PEGASUS_SSL_KEY_FILE 82 chmod 444 $PEGASUS_PEM_DIR/$PEGASUS_SSL_CERT_FILE 83 rm -f $PEGASUS_PEM_DIR/key.pem $PEGASUS_PEM_DIR/cert.pem 84 fi; 85 if [ ! -e $PEGASUS_PEM_DIR/$PEGASUS_SSL_TRUSTSTORE ]; then 86 cp -fp $PEGASUS_PEM_DIR/$PEGASUS_SSL_CERT_FILE \ 87 $PEGASUS_PEM_DIR/$PEGASUS_SSL_TRUSTSTORE 88 chmod 444 $PEGASUS_PEM_DIR/$PEGASUS_SSL_TRUSTSTORE; 89 fi; |
No CVS admin address has been configured |
Powered by ViewCVS 0.9.2 |