Ce jour Mon, 13 Dec 2004, W.Andrew Loe III a dit:
> I am trying to figure out how to re-build my SSL certificates for
> postfix and courier-imap. Right now my certificate for postfix has some
> errors on it (wrong CN), but I am able to download it and set it to be
> accepted by OS X (ends pop-ups in Mail.app). My courier-imap
> certificate does not work in OS X, I've tried using mkimapdcert in
> /usr/sbin/ but it is not generating certificates that are compatible
> with OS X. Suggestions on how I can use OpenSSL to generate
> certificates for both?
i wrote a goofy script to create server certs:
=================
#!/bin/sh
eval $(openssl req -new > new.cert.csr)
#read [-p prompt] [-r] variable [...]
#read $(openssl rsa -in privkey.pem -out new.cert.key)
eval $(openssl rsa -in privkey.pem -out new.cert.key)
#VARNAME=$(openssl rsa -in privkey.pem -out new.cert.key)
eval $(cat privkey.pem > newreq.pem)
eval $(cat new.cert.csr >>newreq.pem)
/usr/lib/ssl/misc/CA.pl -signreq
echo "* Now cat the file newcert.pem and copy/paste the CERTIFICATE
portion to a new file named server.cert.."
echo "* Copy only the Certificate data shown in that file to the new file.
* Next rename the file new.cert.key to be named server.key"
exit 0
=================
e/
--
,''`. http://www.debian.org/ http://www.nuit.ca/
: :' : Debian GNU/Linux http://simonraven.nuit.ca/
' ------------------------------
`- GPG Print: 7C49 FD9C 1054 7300
3B7B 8BF4 6A88 7AE2 711D F097
Attachment:
signature.asc
Description: Digital signature