tls_cert: adding dhparam generating.

Signed-off-by: Tom Li <biergaizi2009@gmail.com>
This commit is contained in:
Tom Li 2015-02-02 17:55:40 +08:00
parent d5954ce249
commit acbbf66806

View File

@ -62,6 +62,7 @@ system('openssl', 'req', '-config', $CAfilename, '-new', '-x509',
my $SERVER_key = 'ssl/qpsmtpd-server.key'; my $SERVER_key = 'ssl/qpsmtpd-server.key';
my $SERVER_csr = 'ssl/qpsmtpd-server.csr'; my $SERVER_csr = 'ssl/qpsmtpd-server.csr';
my $SERVER_crt = 'ssl/qpsmtpd-server.crt'; my $SERVER_crt = 'ssl/qpsmtpd-server.crt';
my $SERVER_dhparam = 'ssl/qpsmtpd-server.dhparam';
my ($SERVER, $SERVERfilename) = tempfile( $template, DIR => "ssl", UNLINK => 1); my ($SERVER, $SERVERfilename) = tempfile( $template, DIR => "ssl", UNLINK => 1);
print ${SERVER} return_cfg($opts{OU}); print ${SERVER} return_cfg($opts{OU});
@ -94,6 +95,9 @@ system('openssl', 'x509', '-extfile', $SIGNfilename, '-days', (365*2),
'-req', '-out', $SERVER_crt) == 0 '-req', '-out', $SERVER_crt) == 0
or die "Cannot sign cert: $?"; or die "Cannot sign cert: $?";
system('openssl', 'dhparam', '-out', '$SERVER_dhparam', 2048) == 0
or die "Cannot create server dhparam: $?";
exit(0); exit(0);
sub return_cfg { sub return_cfg {