accept more TLS versions, ignore zero return
[ghsmtp.git] / gen-cert.sh
blob2c7c49ca8cdc88c092043e3f0ab981fea11020cf
1 #!/bin/env bash
3 # openssl req -out smtp.csr -new -newkey rsa:4096 -nodes -keyout smtp.key
5 mv smtp.pem smtp.pem-`date +%Y-%m-%d-%h:%m:%S.%N`
7 CN=`hostname`
9 openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:4096 -keyout smtp.key -out smtp.pem \
10 -subj "/C=US/ST=CA/L=Los Angeles/CN=$CN"
12 # tlsa --port 25 --certificate smtp.crt $CN