prosody
93cdd1ece689
certs/makefile

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

File

certs/makefile @ 11047:93cdd1ece689

mod_posix: Remove ancient undocumented user switching User switching has been done by prosodyctl or init scripts for a very long time now, so this is not needed. Using this would not have worked with module reloading (e.g. to reload certificates) since ports are closed and re-bound, which would then not be allowed. Today there exists better ways to grant low ports, i.e. capabilities(7) <Zash> Why do we have this? <MattJ> Remove it
author Kim Alvefur <zash@zash.se>
date Mon, 24 Aug 2020 19:48:47 +0200
parent 8593:c4222e36333c
line wrap: on
line source

.DEFAULT: localhost.crt
keysize=2048

# How to:
# First, `make yourhost.cnf` which creates a openssl config file.
# Then edit this file and fill in the details you want it to have,
# and add or change hosts and components it should cover.
# Then `make yourhost.key` to create your private key, you can
# include keysize=number to change the size of the key.
# Then you can either `make yourhost.csr` to generate a certificate
# signing request that you can submit to a CA, or `make yourhost.crt`
# to generate a self signed certificate.

${.TARGETS:M*.crt}: 
	openssl req -new -x509 -newkey rsa:$(keysize) -nodes -keyout ${.TARGET:R}.key \
		-days 365 -sha256 -out $@ -utf8 -subj /CN=${.TARGET:R}

.SUFFIXES: .key .crt