Quanah Gibson-Mount wrote:
--On Monday, July 28, 2008 12:44 PM -0700 John Oliver joliver@john-oliver.net wrote:
I do appreciate all of the help, and apologize if I seem dense. I know
You continue to do things incorrectly, and be unhappy when they don't work because of it. Again, to set up your LDAP servers *correctly* with
At some point I created a small script to generate self signed certificates. Mostly for Apache2's sake. But of course this works for anything needing a certificate. Apache's site has very useful documentation: http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#ownca
#!/bin/sh # # JvA # Generate self sgined certificate # And remove the passphrase (so services will start without prompting for a password) # # Takes one argument, the name of the key
# check if any argument has been given, if not exit if test -z "$1" then echo 'Please give the name of the key, exiting...' exit fi
echo "Generating key..." openssl genrsa -des3 -out $1.key 1024 echo "" echo "Generating self signed certificate..." openssl req -new -x509 -nodes -sha1 -days 999 -key $1.key -out $1.crt
# Remove passphrase echo "" echo "Removing passphrase..." openssl rsa -in $1.key -out $1.key
# Display results echo "" echo "Displaying details..." openssl x509 -noout -text -in $1.crt
echo "Check the file permissions and make sure "$1".key is only readable by root and if necessary the system account using it." chmod a-r,u+r $1.key ls -l $1.key ls -l $1.crt