Bug 14288 - [META] Certificates should be created by functions from cert-sh-functions
Summary: [META] Certificates should be created by functions from cert-sh-functions
Status: NEW
Alias: None
Product: Sisyphus
Classification: Development
Component: cross-component (show other bugs)
Version: unstable
Hardware: all Linux
: P2 normal
Assignee: Dmitry V. Levin
QA Contact: qa-sisyphus
URL:
Keywords: METABUG
Depends on: 2169 11543 11546 14287 14304 15209 15938
Blocks:
  Show dependency tree
 
Reported: 2008-02-01 20:21 MSK by Mikhail Gusarov
Modified: 2014-04-09 02:24 MSK (History)
3 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Mikhail Gusarov 2008-02-01 20:21:22 MSK
There is package cert-sh-functions containing certificate generation tools. It 
should be used to create all applicable certificates in Sisyphus.

Usage examples are in httpd-alterator and ahttpd packages.
Comment 1 Dmitriy Kruglikov 2008-04-24 14:50:40 MSD
 Если в /usr/bin/cert-sh-functions добавить строки:
#pem
ssl_check_pem()
{
    [ -n "$1" -a -f "$SSL_CSRDIR/$1.pem" ]
}


ssl_make_pem(){
    ssl_check_pem "$@" && return
    [ -n "$1" ] ||
        ssl_fatal 'Insufficient arguments.'

   "$OPENSSL" req -new -x509 -days 365 -nodes -out "$SSL_CSRDIR/$1.pem" -keyout
"$SSL_CSRDIR/$1.pem" -config $2 >/dev/null 2>&1 ||
        ssl_fatal 'Unable to create PEM certificate'
}
перед строкой
#dh params
или в любом удобном месте, то можно будет генерировать сертификаты *.pem 
для cyrus-imap, например.

В качестве параметров передается имя файла сертификата и имя файла с ответами на
вопросы (формат /etc/ahttpd/ahttpd.cnf устраивает)
Comment 2 Mikhail Gusarov 2008-04-24 15:30:49 MSD
(In reply to comment #1)
>  Если в /usr/bin/cert-sh-functions добавить строки:

Повешайте enh-багом на cert-sh-functions. Здесь это предложение сгниёт навечно.