prosody
bd4f8a2b72c7
certs/GNUmakefile
Software / code / prosody
Comparison
certs/GNUmakefile @ 8592:bd4f8a2b72c7
Rename Makefile -> GNUmakefile to reflect dependency on GNU Make
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Tue, 31 Oct 2017 17:28:23 +0100 |
| parent | 7715:certs/Makefile@08989f8464b9 |
comparison
equal
deleted
inserted
replaced
| 8591:0c322389f994 | 8592:bd4f8a2b72c7 |
|---|---|
| 1 .DEFAULT: localhost.crt | |
| 2 keysize=2048 | |
| 3 | |
| 4 # How to: | |
| 5 # First, `make yourhost.cnf` which creates a openssl config file. | |
| 6 # Then edit this file and fill in the details you want it to have, | |
| 7 # and add or change hosts and components it should cover. | |
| 8 # Then `make yourhost.key` to create your private key, you can | |
| 9 # include keysize=number to change the size of the key. | |
| 10 # Then you can either `make yourhost.csr` to generate a certificate | |
| 11 # signing request that you can submit to a CA, or `make yourhost.crt` | |
| 12 # to generate a self signed certificate. | |
| 13 | |
| 14 .PRECIOUS: %.cnf %.key | |
| 15 | |
| 16 # To request a cert | |
| 17 %.csr: %.cnf %.key | |
| 18 openssl req -new -key $(lastword $^) \ | |
| 19 -sha256 -utf8 -config $(firstword $^) -out $@ | |
| 20 | |
| 21 %.csr: %.cnf | |
| 22 umask 0077 && touch $*.key | |
| 23 openssl req -new -newkey rsa:$(keysize) -nodes -keyout $*.key \ | |
| 24 -sha256 -utf8 -config $^ -out $@ | |
| 25 @chmod 400 $*.key | |
| 26 | |
| 27 %.csr: %.key | |
| 28 openssl req -new -key $^ -utf8 -subj /CN=$* -out $@ | |
| 29 | |
| 30 %.csr: | |
| 31 umask 0077 && touch $*.key | |
| 32 openssl req -new -newkey rsa:$(keysize) -nodes -keyout $*.key \ | |
| 33 -utf8 -subj /CN=$* -out $@ | |
| 34 @chmod 400 $*.key | |
| 35 | |
| 36 # Self signed | |
| 37 %.crt: %.cnf %.key | |
| 38 openssl req -new -x509 -key $(lastword $^) -days 365 -sha256 -utf8 \ | |
| 39 -config $(firstword $^) -out $@ | |
| 40 | |
| 41 %.crt: %.cnf | |
| 42 umask 0077 && touch $*.key | |
| 43 openssl req -new -x509 -newkey rsa:$(keysize) -nodes -keyout $*.key \ | |
| 44 -days 365 -sha256 -utf8 -config $(firstword $^) -out $@ | |
| 45 @chmod 400 $*.key | |
| 46 | |
| 47 %.crt: %.key | |
| 48 openssl req -new -x509 -key $^ -days 365 -sha256 -utf8 -subj /CN=$* -out $@ | |
| 49 | |
| 50 %.crt: | |
| 51 umask 0077 && touch $*.key | |
| 52 openssl req -new -x509 -newkey rsa:$(keysize) -nodes -keyout $*.key \ | |
| 53 -days 365 -sha256 -out $@ -utf8 -subj /CN=$* | |
| 54 @chmod 400 $*.key | |
| 55 | |
| 56 # Generate a config from the example | |
| 57 %.cnf: | |
| 58 sed 's,example\.com,$*,g' openssl.cnf > $@ | |
| 59 | |
| 60 %.key: | |
| 61 umask 0077 && openssl genrsa -out $@ $(keysize) | |
| 62 @chmod 400 $@ | |
| 63 | |
| 64 # Generate Diffie-Hellman parameters | |
| 65 dh-%.pem: | |
| 66 openssl dhparam -out $@ $* |
