Slightly extending ssl-cert package capabilities

To: debian-apache@lists.debian.org
Subject: Slightly extending ssl-cert package capabilities
From: Vincent Deffontaines <vincent.deffontaines@inl.fr>
Date: Wed, 16 Aug 2006 15:45:26 +0200
Message-id: <[🔎] 44E32176.1030405@inl.fr>

Greetings,

I am building packages for nufw [1], which require that I generate both
a SSL key and certificate. This is a pain to do with openssl, and it
cannot be done directly (in my understanding) by using the make-ssl-cert
: that command can only (in my understanding) generate a key.

Would you accept a patch on make-ssl-cert so that if it is given a 3rd
argument, that will be considered a certificate file to generate?

Such a patch would make it so that make-ssl-cert will behave as it
currently does, when called with 2 args. When called with 3 args, it
would run something like :
"openssl req -config $TMPFILE -new -x509 -nodes \
    -keyout $output -pubkey -out $cert -days 1095"

(No certificate authority in this, anyway administrators that need to
use some use their own and are therefore out of the packaging system).

Right now, I have had to copy/paste the content of make-ssl-cert in my
postinst script, and modify the call to openssl. Yucks!

Regards,

Vincent

PS : I only looked at sarge packages for now, sorry if I'm totally
has-been on this.

Reply to:

Prev by Date: Processing of apache_1.3.34-4_i386.changes
Next by Date: Bug#366843: apache: same problem here...
Previous by thread: Processing of apache_1.3.34-4_i386.changes
Next by thread: Bug#366843: apache: same problem here...
Index(es):
- Date
- Thread