1 denise.eckstein 1.1
2 # Create OpenSSL Configuration File (ssl.cnf)
3 #
4 if [ -f %PEGASUS_CONFIG_DIR/ssl.cnf ]
5 then
6 echo "WARNING: %PEGASUS_CONFIG_DIR/ssl.cnf already exists."
7 else
8 echo " Generating SSL Certificate..."
9 echo "[ req ]" >> %PEGASUS_CONFIG_DIR/ssl.cnf
10 echo "distinguished_name = req_distinguished_name" >> %PEGASUS_CONFIG_DIR/ssl.cnf
11 echo "prompt = no" >> %PEGASUS_CONFIG_DIR/ssl.cnf
12 echo "[ req_distinguished_name ]" >> %PEGASUS_CONFIG_DIR/ssl.cnf
13 echo "C = UK" >> %PEGASUS_CONFIG_DIR/ssl.cnf
14 echo "ST = Berkshire" >> %PEGASUS_CONFIG_DIR/ssl.cnf
15 echo "L = Reading" >> %PEGASUS_CONFIG_DIR/ssl.cnf
16 echo "O = The Open Group" >> %PEGASUS_CONFIG_DIR/ssl.cnf
17 echo "OU = The OpenPegasus Project" >> %PEGASUS_CONFIG_DIR/ssl.cnf
|
18 w.otsuka 1.3 echo "CN = `host \`hostname\`|cut -d\" \" -f1`" >> %PEGASUS_CONFIG_DIR/ssl.cnf
|
19 denise.eckstein 1.1 chmod 400 %PEGASUS_CONFIG_DIR/ssl.cnf
20 chown root %PEGASUS_CONFIG_DIR/ssl.cnf
21 fi
22
|
23 w.otsuka 1.3 %OPENSSL_BIN/openssl req -x509 -days 3650 -newkey rsa:2048 \
|
24 denise.eckstein 1.1 -nodes -config %PEGASUS_CONFIG_DIR/ssl.cnf \
25 -keyout %PEGASUS_PEM_DIR/key.pem -out %PEGASUS_PEM_DIR/cert.pem \
|
26 denise.eckstein 1.2 2>>%PEGASUS_INSTALL_LOG
|
27 denise.eckstein 1.1
28 cat %PEGASUS_PEM_DIR/key.pem > %PEGASUS_PEM_DIR/key-2048.pem
29 chmod 400 %PEGASUS_PEM_DIR/key-2048.pem
30 cat %PEGASUS_PEM_DIR/cert.pem > %PEGASUS_PEM_DIR/cert-2048.pem
31 chmod 400 %PEGASUS_PEM_DIR/cert-2048.pem
32 cat %PEGASUS_PEM_DIR/cert.pem > %PEGASUS_PEM_DIR/truststore-2048.pem
33 chmod 400 %PEGASUS_PEM_DIR/truststore-2048.pem
34 rm -f %PEGASUS_PEM_DIR/key.pem %PEGASUS_PEM_DIR/cert.pem
35
36 if [ -f %PEGASUS_PEM_DIR/%PEGASUS_SSL_CERT_FILE ]
37 then
38 echo "WARNING: %PEGASUS_PEM_DIR/%PEGASUS_SSL_CERT_FILE SSL Certificate file already exists."
39 else
40 cp %PEGASUS_PEM_DIR/cert-2048.pem %PEGASUS_PEM_DIR/%PEGASUS_SSL_CERT_FILE
41 chmod 444 %PEGASUS_PEM_DIR/%PEGASUS_SSL_CERT_FILE
42 cp %PEGASUS_PEM_DIR/key-2048.pem %PEGASUS_PEM_DIR/%PEGASUS_SSL_KEY_FILE
43 chmod 400 %PEGASUS_PEM_DIR/%PEGASUS_SSL_KEY_FILE
44 fi
45
46 if [ -f %PEGASUS_PEM_DIR/%PEGASUS_SSL_TRUSTSTORE ]
47 then
48 denise.eckstein 1.1 echo "WARNING: %PEGASUS_PEM_DIR/%PEGASUS_SSL_TRUSTSTORE SSL Certificate trust store already exists."
49 else
50 cp %PEGASUS_PEM_DIR/truststore-2048.pem %PEGASUS_PEM_DIR/%PEGASUS_SSL_TRUSTSTORE
51 chmod 444 %PEGASUS_PEM_DIR/%PEGASUS_SSL_TRUSTSTORE
52 fi
53
|
54 denise.eckstein 1.4 /usr/lib/lsb/install_initd /etc/init.d/tog-pegasus
55
|
56 denise.eckstein 1.1 echo " To start Pegasus manually:"
57 echo " /etc/init.d/tog-pegasus start"
58 echo " Stop it:"
59 echo " /etc/init.d/tog-pegasus stop"
60 echo " To set up PATH and MANPATH in /etc/profile"
61 echo " run /opt/tog-pegasus/sbin/settogpath."
|