25 lines
1.2 KiB
Bash
25 lines
1.2 KiB
Bash
#!/bin/sh
|
|
|
|
## Taken from the Dockerfile script
|
|
# With fix:
|
|
#-if test "${cert_domain-set}" == set; then
|
|
#+if test "${cert_domain:-set}" == set; then
|
|
|
|
mkdir -p /opt/ssl/
|
|
cd /opt/ssl/
|
|
mkdir -p certs/ca
|
|
openssl genrsa -out certs/ca/root.key.pem 2048
|
|
openssl req -x509 -new -nodes -key certs/ca/root.key.pem -days 9131 -out certs/ca/root.crt.pem -subj "/C=DE/ST=BW/L=Stuttgart/O=Dummy Authority/CN=Dummy Authority"
|
|
mkdir -p certs/{servers,tmp}
|
|
mkdir -p "certs/servers/localhost"
|
|
openssl genrsa -out "certs/servers/localhost/privkey.pem" 2048
|
|
if test "${cert_domain:-set}" == set; then
|
|
openssl req -key "certs/servers/localhost/privkey.pem" -new -sha256 -out "certs/tmp/localhost.csr.pem" -subj "/C=DE/ST=BW/L=Stuttgart/O=Dummy Authority/CN=localhost"
|
|
else
|
|
openssl req -key "certs/servers/localhost/privkey.pem" -new -sha256 -out "certs/tmp/localhost.csr.pem" -subj "/C=DE/ST=BW/L=Stuttgart/O=Dummy Authority/CN=${cert_domain}"
|
|
fi
|
|
openssl x509 -req -in certs/tmp/localhost.csr.pem -CA certs/ca/root.crt.pem -CAkey certs/ca/root.key.pem -CAcreateserial -out certs/servers/localhost/cert.pem -days 9131
|
|
mv certs/servers/localhost/privkey.pem /etc/loolwsd/key.pem
|
|
mv certs/servers/localhost/cert.pem /etc/loolwsd/cert.pem
|
|
mv certs/ca/root.crt.pem /etc/loolwsd/ca-chain.cert.pem
|