On Thu, Dec 20, 2012 at 02:15:35PM +0000, Viktor Dukhovni wrote: > People who want a more compact recipe for a self-signed cert on > a single SMTP server can use my "one-liner" (for machines whose > hostname is an FQDN): > > $ tmp=$(mktemp smtpd.pem.XXXXXX) && > openssl req -new \ > -newkey rsa:1280 -keyout /dev/stdout \ > -x509 -days $((365 * 10)) -subj "/CN=$(uname -n)" >> "$tmp" && > mv "$tmp" smtpd.pem
With the "-nodes" option in most cases: $ tmp=$(mktemp smtpd.pem.XXXXXX) && openssl req -new \ -newkey rsa:1280 -nodes -keyout /dev/stdout \ -x509 -days $((365 * 10)) -subj "/CN=$(uname -n)" >> "$tmp" && mv "$tmp" smtpd.pem -- Viktor.