github.com/tommi2day/gomodules@v1.13.2-0.20240423190010-b7d55d252a27/test/docker/mail/gen_certs.sh

github.com/tommi2day/gomodules@v1.13.2-0.20240423190010-b7d55d252a27/test/docker/mail/gen_certs.sh (about)

     1  #! /bin/sh
     2  
     3  SERVER=${1:-$SERVER}
     4  DOMAIN=${2:-$DOMAIN}
     5  DIR=${3:-$SSLDIR}
     6  mkdir -p "$DIR"
     7  cd "$DIR"||exit
     8  if [ ! -r cakey.pem ]; then
     9    step certificate create "Root CA" "ca.crt" "ca.key" \
    10      --no-password --insecure \
    11      --profile root-ca \
    12      --not-before "2021-01-01T00:00:00+00:00" \
    13      --not-after "2031-01-01T00:00:00+00:00" \
    14      --san "$DOMAIN" \
    15      --san "ca.$DOMAIN" \
    16      --kty RSA --size 2048
    17  fi
    18  step certificate create "${SERVER}.${DOMAIN}" "${SERVER}.${DOMAIN}.crt" "${SERVER}.${DOMAIN}.key" \
    19    --no-password --insecure \
    20    --profile leaf \
    21    --ca "ca.crt" \
    22    --ca-key "ca.key" \
    23    --not-before "2021-01-01T00:00:00+00:00" \
    24    --not-after "2031-01-01T00:00:00+00:00" \
    25    --san "$DOMAIN" \
    26    --san "${SERVER}.${DOMAIN}" \
    27    --kty RSA --size 2048
    28  
    29  # join crt and ca
    30  cat "${SERVER}.${DOMAIN}.crt" ca.crt >>"${SERVER}.${DOMAIN}-full.crt"