Return to tog-pegasus-genSSLCerts.spec CVS log | Up to [Pegasus] / pegasus / rpm / tog-specfiles |
1 martin 1.4 #//%LICENSE//////////////////////////////////////////////////////////////// 2 #// 3 #// Licensed to The Open Group (TOG) under one or more contributor license 4 #// agreements. Refer to the OpenPegasusNOTICE.txt file distributed with 5 #// this work for additional information regarding copyright ownership. 6 #// Each contributor licenses this file to you under the OpenPegasus Open 7 #// Source License; you may not use this file except in compliance with the 8 #// License. 9 #// 10 #// Permission is hereby granted, free of charge, to any person obtaining a 11 #// copy of this software and associated documentation files (the "Software"), 12 #// to deal in the Software without restriction, including without limitation 13 #// the rights to use, copy, modify, merge, publish, distribute, sublicense, 14 #// and/or sell copies of the Software, and to permit persons to whom the 15 #// Software is furnished to do so, subject to the following conditions: 16 #// 17 #// The above copyright notice and this permission notice shall be included 18 #// in all copies or substantial portions of the Software. 19 #// 20 #// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 21 #// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 22 martin 1.4 #// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. 23 #// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY 24 #// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, 25 #// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE 26 #// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 27 #// 28 #////////////////////////////////////////////////////////////////////////// | ||
29 denise.eckstein 1.1 # 30 # Set up OpenSSL certificates for the tog-pegasus cimserver 31 # 32 # Creates a default ssl.cnf file. 33 # Generates a self-signed certificate for use by the cimserver. 34 # 35 cnfChanged=0; 36 if [ ! -e $PEGASUS_CONFIG_DIR/ssl.cnf ]; then 37 mkdir -p ${PEGASUS_INSTALL_LOG%/*} 38 mkdir -p $PEGASUS_CONFIG_DIR 39 echo "[ req ]" > $PEGASUS_CONFIG_DIR/ssl.cnf 40 echo "distinguished_name = req_distinguished_name" >> \ 41 $PEGASUS_CONFIG_DIR/ssl.cnf 42 echo "prompt = no" >> $PEGASUS_CONFIG_DIR/ssl.cnf 43 echo "[ req_distinguished_name ]" >> $PEGASUS_CONFIG_DIR/ssl.cnf 44 echo "C = UK" >> $PEGASUS_CONFIG_DIR/ssl.cnf 45 echo "ST = Berkshire" >> $PEGASUS_CONFIG_DIR/ssl.cnf 46 echo "L = Reading" >> $PEGASUS_CONFIG_DIR/ssl.cnf 47 echo "O = The Open Group" >> \ 48 $PEGASUS_CONFIG_DIR/ssl.cnf 49 echo "OU = The OpenPegasus Project" >> \ 50 denise.eckstein 1.1 $PEGASUS_CONFIG_DIR/ssl.cnf 51 DN=`hostname`; 52 if [ -z "$DN" ] || [ "$DN" = "(none)" ]; then 53 DN='localhost.localdomain'; 54 fi; 55 FQDN=`{ host -W1 $DN 2>/dev/null || echo "$DN has address "; } |\ 56 grep 'has address' | head -1 | sed 's/\ .*$//'`; 57 if [ -z "$FQDN" ] ; then 58 FQDN="$DN"; 59 fi; 60 # cannot use 'hostname --fqdn' because this can hang indefinitely 61 echo "CN = $FQDN" >> $PEGASUS_CONFIG_DIR/ssl.cnf 62 chmod 400 $PEGASUS_CONFIG_DIR/ssl.cnf 63 chown root $PEGASUS_CONFIG_DIR/ssl.cnf 64 chgrp root $PEGASUS_CONFIG_DIR/ssl.cnf 65 cnfChanged=1; 66 fi 67 if [ $cnfChanged -eq 1 ] || \ 68 [ ! -e $PEGASUS_PEM_DIR/$PEGASUS_SSL_CERT_FILE ] || \ 69 [ ! -e $PEGASUS_PEM_DIR/$PEGASUS_SSL_KEY_FILE ]; then 70 /usr/bin/openssl req -x509 -days 3650 -newkey rsa:2048 \ 71 denise.eckstein 1.1 -nodes -config $PEGASUS_CONFIG_DIR/ssl.cnf \ 72 -keyout $PEGASUS_PEM_DIR/key.pem \ 73 -out $PEGASUS_PEM_DIR/cert.pem 2>>$PEGASUS_INSTALL_LOG 74 chmod 700 $PEGASUS_PEM_DIR/*.pem 75 cp -fp $PEGASUS_PEM_DIR/cert.pem \ 76 $PEGASUS_PEM_DIR/$PEGASUS_SSL_CERT_FILE 77 cp -fp $PEGASUS_PEM_DIR/key.pem \ 78 $PEGASUS_PEM_DIR/$PEGASUS_SSL_KEY_FILE 79 chmod 400 $PEGASUS_PEM_DIR/$PEGASUS_SSL_KEY_FILE 80 chmod 444 $PEGASUS_PEM_DIR/$PEGASUS_SSL_CERT_FILE 81 rm -f $PEGASUS_PEM_DIR/key.pem $PEGASUS_PEM_DIR/cert.pem 82 fi; 83 if [ ! -e $PEGASUS_PEM_DIR/$PEGASUS_SSL_TRUSTSTORE ]; then 84 cp -fp $PEGASUS_PEM_DIR/$PEGASUS_SSL_CERT_FILE \ 85 $PEGASUS_PEM_DIR/$PEGASUS_SSL_TRUSTSTORE 86 chmod 444 $PEGASUS_PEM_DIR/$PEGASUS_SSL_TRUSTSTORE; 87 fi; |
No CVS admin address has been configured |
Powered by ViewCVS 0.9.2 |