[BACK]Return to request_ssl_key.sh CVS log [TXT] [DIR] Up to [LON-CAPA] / loncom

Diff for /loncom/request_ssl_key.sh between versions 1.1 and 1.2

version 1.1, 2004/11/18 23:25:10 version 1.2, 2009/01/27 01:23:26
Line 3 Line 3
 MAILADDR=certificate@lon-capa.org # Email the cert request here.  MAILADDR=certificate@lon-capa.org # Email the cert request here.
 DESTDIR=/home/httpd/lonCerts # Destination for the key file.  DESTDIR=/home/httpd/lonCerts # Destination for the key file.
 DESTUID=www # Who will own the private key.  DESTUID=www # Who will own the private key.
 DESTGROUP=www # Gropu that owns the private key.  DESTGROUP=www # Group that will own the private key.
   
   if [ $(whoami) != "$DESTUID" ] && [ $(whoami) != "root" ]; then
       echo "This script needs to be run either as $DESTUID or root"
       exit
   fi
   
   if [ $(whoami) != "root" ] ; then
       if [ -d "$DESTDIR" ] ; then
           CURROWNER=`stat -c %U $DESTDIR`
           if [ -L "$DESTDIR" ] ; then
               echo "$DESTDIR is a symbolic link. You need to remove the link and (as root) create $DESTDIR as a directory owned by $DESTUID:$DESTGROUP."
               exit
           elif [ $CURROWNER != $DESTUID ] ; then
               echo "$DESTUID is not the owner of $DESTDIR. As root you need to change ownership of this directory to $DESTUID:$DESTGROUP."
               exit
           fi
       else
           echo "You need to create a directory: $DESTDIR (as root) and then change ownership of this directory so it is owned by $DESTUID:$DESTGROUP."
           exit
       fi
   fi
   
 openssl req -newkey rsa:1024 -passout pass:loncapa \  openssl req -newkey rsa:1024 -passout pass:loncapa \
     -keyout lonKey.enc -keyform PEM  \      -keyout lonKey.enc -keyform PEM  \
Line 11  openssl req -newkey rsa:1024 -passout pa Line 32  openssl req -newkey rsa:1024 -passout pa
   
 openssl rsa -passin pass:loncapa -in lonKey.enc -out lonKey.pem  openssl rsa -passin pass:loncapa -in lonKey.enc -out lonKey.pem
   
 install -d -m 0750 -o $DESTUID -g $DESTGROUP $DESTDIR  if [ $(pwd) != "$DESTDIR" ] ; then
 install -m 0400 -o $DESTUID -g $DESTGROUP lonKey.pem $DESTDIR      if [ !-d "$DESTDIR" ] ; then
 rm lonKey.{enc,pem}          install -d -m 0750 -o $DESTUID -g $DESTGROUP $DESTDIR
       fi
       install -m 0400 -o $DESTUID -g $DESTGROUP lonKey.pem $DESTDIR
       rm lonKey.pem
   else
       chmod 0400 lonKey.pem
   fi
   
   rm lonKey.enc
   
   
 mail <CertRequest.pem -s "Certificate Request" $MAILADDR  mail <CertRequest.pem -s "Certificate Request" $MAILADDR
 rm CertRequest.pem  rm CertRequest.pem
Removed from v.1.1  
changed lines
  Added in v.1.2

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>