Added "make cert" commands to bootstrap file

[freeradius.git] / raddb / certs / bootstrap

diff --git a/raddb/certs/bootstrap b/raddb/certs/bootstrap
index eaf0fb4..dde9307 100755 (executable)
--- a/raddb/certs/bootstrap
+++ b/raddb/certs/bootstrap
@@ -13,3 +13,34 @@
 umask 027
 cd `dirname $0`
 make all
+
+#
+#  If that worked, exit.  Otherwise, run the commands manually.
+#
+if [ "$?" == "0" ]
+then
+  exit 0
+fi
+
+#
+#  The following commands were created by running "make -n", and edited
+#  to remove the trailing backslash, and to add "exit 1" after the commands.
+#
+#  Don't edit the following text.  Instead, edit the Makefile, and
+#  re-generate these commands.
+#
+openssl dhparam -out dh 1024 || exit 1
+if [ -e /dev/urandom ] ; then
+       dd if=/dev/urandom of=./random count=10 >/dev/null 2>&1;
+else
+       date > ./random;
+fi
+openssl req -new  -out server.csr -keyout server.key -config ./server.cnf || exit 1
+openssl req -new -x509 -keyout ca.key -out ca.pem -days `grep default_days ca.cnf | sed 's/.*=//;s/^ *//'` -config ./ca.cnf || exit 1
+openssl req -new -x509 -keyout ca.key -out ca.pem -days `grep default_days ca.cnf | sed 's/.*=//;s/^ *//'` -config ./ca.cnf || exit 1
+touch index.txt
+echo '01' > serial
+openssl ca -batch -keyfile ca.key -cert ca.pem -in server.csr  -key `grep output_password ca.cnf | sed 's/.*=//;s/^ *//'` -out server.crt -extensions xpserver_ext -extfile xpextensions -config ./server.cnf || exit 1
+openssl pkcs12 -export -in server.crt -inkey server.key -out server.p12  -passin pass:`grep output_password server.cnf | sed 's/.*=//;s/^ *//'` -passout pass:`grep output_password server.cnf | sed 's/.*=//;s/^ *//'` || exit 1
+openssl pkcs12 -in server.p12 -out server.pem -passin pass:`grep output_password server.cnf | sed 's/.*=//;s/^ *//'` -passout pass:`grep output_password server.cnf | sed 's/.*=//;s/^ *//'` || exit 1
+openssl x509 -inform PEM -outform DER -in ca.pem -out ca.der || exit 1