I'm trying to put together some generic SSL certificate generation code for Postfix and other products. This version is customized for Postfix, but it is easy to change the output files. I've written it so it can be cut and pasted; just set the variables at the top.
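```
keyfile=/etc/ssl/private/smtpd.key
certfile=/etc/ssl/certs/smtpd.crt
pemfile=/etc/ssl/certs/cacert.pem
pass=superSecret

# Generate a passphrase-protected 2048-bit RSA key (1024-bit RSA is too weak for current use)
openssl genrsa -des3 -rand /etc/hosts -passout "pass:$pass" -out "$keyfile" 2048
chmod 600 "$keyfile"

# Create a signing request, then self-sign it for 10 years
openssl req -new -passin "pass:$pass" -passout "pass:$pass" -key "$keyfile" -out /tmp/.server.csr
openssl x509 -req -days 3650 -passin "pass:$pass" -passout "pass:$pass" -in /tmp/.server.csr -signkey "$keyfile" -out "$certfile"

# Strip the passphrase so the daemon can load the key unattended;
# umask 077 keeps the unencrypted copy private while it sits in /tmp
( umask 077; openssl rsa -passin "pass:$pass" -in "$keyfile" -out /tmp/.key.unencrypted )
mv -f /tmp/.key.unencrypted "$keyfile"

# Create a CA certificate; the CA key is written to cakey.pem in the current directory
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out "$pemfile" -days 3650
```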
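A check to run on the files the script above writes, before pointing Postfix at them. This is an added example, not part of the original post; `check_tls_pair` is a hypothetical helper name, and the RSA size threshold of 2048 bits is an assumption of the example.

```shell
#!/bin/sh
# Added example (not from the original post). check_tls_pair is a hypothetical helper.
# Usage: check_tls_pair /etc/ssl/private/smtpd.key /etc/ssl/certs/smtpd.crt
check_tls_pair() {
    key=$1 cert=$2

    # -passin pass: offers an empty passphrase, so an encrypted key fails here
    # instead of prompting. A daemon cannot type a passphrase at startup.
    key_pub=$(openssl pkey -in "$key" -passin pass: -pubout 2>/dev/null) || {
        echo "FAIL: $key is unreadable or still passphrase-protected"; return 1; }
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || {
        echo "FAIL: $cert is not a readable certificate"; return 1; }

    # Both commands print the public key as PEM SubjectPublicKeyInfo; equal
    # text means the certificate was issued for this private key.
    [ "$key_pub" = "$cert_pub" ] || {
        echo "FAIL: certificate does not belong to this key"; return 1; }

    # Characters 5-10 of the ls mode string are the group and other bits.
    [ "$(ls -ld "$key" | cut -c5-10)" = "------" ] || {
        echo "FAIL: $key is accessible to group or other"; return 1; }

    # -checkend 0 exits non-zero when the certificate has already expired.
    openssl x509 -in "$cert" -noout -checkend 0 >/dev/null || {
        echo "FAIL: certificate has expired"; return 1; }

    # For RSA certificates, read the modulus size from the text dump.
    text=$(openssl x509 -in "$cert" -noout -text)
    bits=$(printf '%s\n' "$text" | sed -n 's/.*Public-Key: (\([0-9]*\) bit).*/\1/p')
    case $text in
        *rsaEncryption*)
            [ "${bits:-0}" -ge 2048 ] || {
                echo "FAIL: ${bits:-unknown}-bit RSA key is below 2048 bits"; return 1; } ;;
    esac
    echo "OK: key and certificate match"
}
```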