#!/bin/sh
#
# Author: Rune Nordbe Skillingstad <rune@skillingtad.no>
# Date: 2003-02-12
#
# Create a TLS certificate for slapd. To change default settings,
# edit /etc/ldap/ssl/slapd-cert.cnf
#
# $Id: mkslapdcert 63 2004-01-17 17:40:27Z pere $


opensslbin=/usr/bin/openssl

test -x $opensslbin || (echo "Can't fint openssl"; exit 1)

$opensslbin req -new -x509 -nodes \
      -config /etc/ldap/ssl/slapd-cert.cnf \
      -out    /etc/ldap/ssl/slapd.pem \
      -keyout /etc/ldap/ssl/slapd.pem > /dev/null 2>&1 \
  || echo "Problems running openssl"

chmod 750 /etc/ldap/ssl
chmod 600 /etc/ldap/ssl/slapd.pem
