Source

iredmail / iRedMail / tools / generate_ssl_keys.sh

Diff from to

iRedMail/tools/generate_ssl_keys.sh

 # Purpose:  Create new SSL keys.
 # Project:  iRedMail (http://www.iredmail.org/)
 
+# USAGE:
+# 1) Edit variables which starts with TLS_ below, then save file.
+# 2) Execute shell command:
+#
+#       # bash generate_ssl_keys.sh
+#
+#    It will create two new files under CURRENT directory:
+#
+#       - certs/iRedMail_CA.pem: Used to replace file on iRedMail server:
+#           + on RHEL/CentOS/Scientific Linux: /etc/pki/tls/certs/iRedMail_CA.pem
+#           + on Debian/Ubuntu/openSUSE: /etc/ssl/certs/iRedMail_CA.pem
+#           + on FreeBSD: /etc/ssl/certs/iRedMail_CA.pem
+#       - private/iRedMail.key: Used to replace file on iRedMail server:
+#           + on RHEL/CentOS/Scientific Linux: /etc/pki/tls/private/iRedMail.key
+#           + on Debian/Ubuntu/openSUSE: /etc/ssl/private/iRedMail.key
+#           + on FreeBSD: /etc/ssl/private/iRedMail.key
+#
+# 3) Grant read access to all users. e.g. on RHEL/CentOS/Scientific Linux:
+#
+#   # chmod +r /etc/ssl/certs/iRedMail_CA.pem
+#   # chmod +r /etc/ssl/private/iRedMail.key
+#
+#   If you need more restrict file permission, please use file system ACL instead.
+#   Refer to command 'setfacl' and 'getfacl' for more detail.
+#
+# 4) Restart all services which provides SSL secure connection. e.g. http,
+#    dovecot, postfix, etc. A system reboot should be easier if possible.
+#
+
 export HOSTNAME="$(hostname -f)"
+
+# SSL key related settings.
+# Country.
+export TLS_COUNTRY='CN'
+
+# State.
+export TLS_STATE='GuangDong'
+
+# City.
+export TLS_CITY='ShenZhen'
+
+# Company name here, e.g. Apple Inc.
+export TLS_COMPANY="${HOSTNAME}"
+
+# Department name.
+export TLS_DEPARTMENT='IT'
+
+# Hostname of your mail server.
+export TLS_HOSTNAME="${HOSTNAME}"
+
+# Server admininistrator's email address.
+export TLS_ADMIN="root@${HOSTNAME}"
+
+# Do not edit below lines.
 export ROOTDIR="$(pwd)"
-
-# SSL key.
 export SSL_CERT_FILE="${ROOTDIR}/certs/iRedMail_CA.pem"
 export SSL_KEY_FILE="${ROOTDIR}/private/iRedMail.key"
-export TLS_COUNTRY='CN'
-export TLS_STATE='GuangDong'
-export TLS_CITY='ShenZhen'
-export TLS_COMPANY="${HOSTNAME}"
-export TLS_DEPARTMENT='IT'
-export TLS_HOSTNAME="${HOSTNAME}"
-export TLS_ADMIN="root@${HOSTNAME}"
 
 # Create SSL certs/private files.
 gen_pem_key()
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.