Re: generating the TLS cert

Viktor Dukhovni Thu, 20 Dec 2012 06:32:34 -0800

On Thu, Dec 20, 2012 at 02:15:35PM +0000, Viktor Dukhovni wrote:

> People who want a more compact recipe for a self-signed cert on
> a single SMTP server can use my "one-liner" (for machines whose
> hostname is an FQDN):
> 
>     $ tmp=$(mktemp smtpd.pem.XXXXXX) &&
>       openssl req -new \
>           -newkey rsa:1280 -keyout /dev/stdout \
>           -x509 -days $((365 * 10)) -subj "/CN=$(uname -n)" >> "$tmp" &&
>       mv "$tmp" smtpd.pem


With the "-nodes" option in most cases:

    $ tmp=$(mktemp smtpd.pem.XXXXXX) &&
        openssl req -new \
            -newkey rsa:1280 -nodes -keyout /dev/stdout \
            -x509 -days $((365 * 10)) -subj "/CN=$(uname -n)" >> "$tmp" &&
        mv "$tmp" smtpd.pem

-- 
        Viktor.

Re: generating the TLS cert

Reply via email to