#!/bin/sh CWD=`pwd` PATH=$PATH:/usr/bin/ssl COUNTRY='.' STATE='.' LOCALITY='.' DOMAINNAME=`hostname -d` #HOSTNAME=`hostname -s` HOSTNAME="mail.$DOMAINNAME" ISSUER="postmaster@$DOMAINNAME" DAYS2EXPIRE=365 DAEMONS="imapd ipop3d" cd /etc/ssl/certs for DAEMON in $DAEMONS; do if [ -f $DAEMON.pem ]; then echo "You already have /etc/ssl/certs/$DAEMON.pem - ignoring certificate generation" else echo -n "Generating $DAEMON certificate..." openssl req -new -x509 -nodes -out $DAEMON.pem -keyout $DAEMON.pem -days $DAYS2EXPIRE > /dev/null 2>&1 <<+ $COUNTRY $STATE $LOCALITY $HOSTNAME $HOSTNAME $HOSTNAME $ISSUER + ln -sf $DAEMON.pem `openssl x509 -noout -hash < $DAEMON.pem`.0 echo "Done!" fi chown root.root /etc/ssl/certs/$DAEMON.pem chmod 0640 /etc/ssl/certs/$DAEMON.pem done cd $CWD