Annotate

certs/Makefile @ 4061:efa1f62a751b

mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true)
author Matthew Wild <mwild1@gmail.com>
date Tue, 04 Jan 2011 17:15:47 +0000
parent 3836:2c4535e13f23
child 5293:fe9215155453
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
3824
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 .DEFAULT: localhost.cert
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
2 keysize=2048
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4 # How to:
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
5 # First, `make yourhost.cnf` which creates a openssl config file.
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
6 # Then edit this file and fill in the details you want it to have,
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
7 # and add or change hosts and components it should cover.
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
8 # Then `make yourhost.key` to create your private key, you can
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
9 # include keysize=number to change the size of the key.
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10 # Then you can either `make yourhost.csr` to generate a certificate
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
11 # signing request that you can submit to a CA, or `make yourhost.cert`
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
12 # to generate a self signed certificate.
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
13
3825
8cc803294fc4 certs/Makefile: Add .PRECIOUS to stop make deleting the key as an intermediate file (thanks deryni/Zash)
Matthew Wild <mwild1@gmail.com>
parents: 3824
diff changeset
14 .PRECIOUS: %.cnf %.key
8cc803294fc4 certs/Makefile: Add .PRECIOUS to stop make deleting the key as an intermediate file (thanks deryni/Zash)
Matthew Wild <mwild1@gmail.com>
parents: 3824
diff changeset
15
3824
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
16 # To request a cert
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
17 %.csr: %.cnf %.key
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
18 openssl req -new -key $(lastword $^) -out $@ -utf8 -config $(firstword $^)
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
19
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
20 # Self signed
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
21 %.cert: %.cnf %.key
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
22 openssl req -new -x509 -nodes -key $(lastword $^) -days 365 \
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
23 -sha1 -out $@ -utf8 -config $(firstword $^)
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
24
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
25 %.cnf:
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
26 sed 's,example\.com,$*,g' openssl.cnf > $@
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
27
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
28 %.key:
d02bb4839ac4 certs: Add a default OpenSSL configuration file, and a Makefile.
Kim Alvefur <zash@zash.se>
parents:
diff changeset
29 openssl genrsa $(keysize) > $@
3836
2c4535e13f23 certs/Makefile: Remove -c flag to chmod, which appears to be a GNUism (thanks Kev)
Matthew Wild <mwild1@gmail.com>
parents: 3825
diff changeset
30 @chmod 400 $@