postinst: add certificates generation

2014-10-29 18:40:36 +01:00 · 2014-10-29 18:40:36 +01:00 · 567879616f
parent 34240a600f
commit 567879616f
1 changed files with 10 additions and 0 deletions
--- a/10
+++ b/10
@ -26,6 +26,16 @@ case "$1" in
            echo "..done"
        fi

+        if [ ! -f /etc/$NAME/certs/saml.crt -a ! -f /etc/$NAME/certs/saml.key ]; then
+            echo -n "Generating key material..." >&2
+            openssl genpkey -algorithm rsa -pkeyopt rsa_keygen_bits:2048 -out /etc/$NAME/certs/saml.key >&2
+            openssl req -x509 -new -out /etc/$NAME/certs/saml.crt -subj '/CN=whocares' -key /etc/$NAME/certs/saml.key -days 3650 >&2
+            chown root:$GROUP /etc/$NAME/certs/saml.crt /etc/$NAME/certs/saml.key
+            chmod 640 /etc/$NAME/certs/saml.crt /etc/$NAME/certs/saml.key
+            echo "..done" >&2
+        fi
+
+
        echo -n "Fixing permissions.."
        chown $USER:$GROUP /var/lib/$NAME /var/run/$NAME /var/log/$NAME
        chown $USER:$GROUP /var/lib/$NAME/data /var/lib/$NAME/sessions