prosody
e9f07febafb3
certs/Makefile

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

File

certs/Makefile @ 7058:e9f07febafb3

mod_http_files: Santize the path relative to our base URL before translating it to a filesystem path, fixes a relative path traversal vulnerability
author Matthew Wild <mwild1@gmail.com>
date Thu, 07 Jan 2016 15:37:47 +0000
parent 7030:b5bc9f77f096
child 7031:89221daefae9
child 7713:003ee2be2635
line wrap: on
line source

.DEFAULT: localhost.crt
keysize=2048

# How to:
# First, `make yourhost.cnf` which creates a openssl config file.
# Then edit this file and fill in the details you want it to have,
# and add or change hosts and components it should cover.
# Then `make yourhost.key` to create your private key, you can
# include keysize=number to change the size of the key.
# Then you can either `make yourhost.csr` to generate a certificate
# signing request that you can submit to a CA, or `make yourhost.crt`
# to generate a self signed certificate.

.PRECIOUS: %.cnf %.key

# To request a cert
%.csr: %.cnf %.key
	openssl req -new -key $(lastword $^) -out $@ -utf8 -config $(firstword $^)

# Self signed
%.crt: %.cnf %.key
	openssl req -new -x509 -nodes -key $(lastword $^) -days 365 \
		-sha1 -out $@ -utf8 -config $(firstword $^)

%.cnf:
	sed 's,example\.com,$*,g' openssl.cnf > $@

%.key:
	umask 0077 && openssl genrsa -out $@ $(keysize)
	@chmod 400 $@ -c