DEB packaging of Comarch Crypto Provider from ePUAP
Jacek Kowalski
2019-09-25 b649e084029d34916dc3ff2c12ecc2e5ce5ccc16
commit | author | age
8be2bb 1 #!/bin/sh
JK 2
3 if [ "$1" = "configure" ]
4 then
5
6     INSTALLDIR="/usr/local/ComarchCryptoProvider"
7     
8     if [ ! -f "${INSTALLDIR}/certs/CCP-key-server.pem" ] \
9         || [ ! -f "${INSTALLDIR}/certs/CCP-key-server.pem" ] \
10         || [ ! -f "${INSTALLDIR}/certs/CCP-cert-CA.cer" ]
11     then
12     
13         echo "Generating CA for localhost..."
14         openssl genrsa -out ${INSTALLDIR}/certs/CCP-key-CA.pem 2048
15         openssl req -x509 -sha256 -days 1000 -extensions ext-ca \
16             -subj "/C=PL/O=ComarchCryptoProvider/CN=ComarchCryptoProvider CA" \
17             -config "${INSTALLDIR}/openssl.cnf" \
18             -key "${INSTALLDIR}/certs/CCP-key-CA.pem" \
19             -out "${INSTALLDIR}/certs/CCP-cert-CA.pem"
20         openssl x509 -inform PEM -outform DER \
21             -in "${INSTALLDIR}/certs/CCP-cert-CA.pem" \
22             -out "${INSTALLDIR}/certs/CCP-cert-CA.cer"
23         
24         echo "Trust generated CA certificate..."
25         cp "${INSTALLDIR}/certs/CCP-cert-CA.pem" \
26             "/usr/local/share/ca-certificates/CCP-cert-CA.crt"
27         dpkg-trigger update-ca-certificates
28         
29         echo "Generating signed certificate for server..."
30         openssl genrsa -out ${INSTALLDIR}/certs/CCP-key-server.pem 2048
31         openssl req -new -sha256 \
32             -subj "/C=PL/O=ComarchCryptoProvider/CN=localhost" \
33             -out "${INSTALLDIR}/certs/CCP-req-server.pem" \
34             -key "${INSTALLDIR}/certs/CCP-key-server.pem"
35         openssl x509 -req -sha256 -days 999 -extensions ext-san \
36             -extfile "${INSTALLDIR}/openssl.cnf" \
37             -in "${INSTALLDIR}/certs/CCP-req-server.pem" \
38             -CA "${INSTALLDIR}/certs/CCP-cert-CA.pem" \
39             -CAkey "${INSTALLDIR}/certs/CCP-key-CA.pem" \
40             -CAcreateserial \
41             -out "${INSTALLDIR}/certs/CCP-cert-server.pem"
42         
43         chmod 644 "${INSTALLDIR}/certs/CCP-key-server.pem"
44     
45     fi
46
47 fi
48
49 #DEBHELPER#