5

I am like 95% done my shell script to install a Debian mail server from a fresh install, this is based on my currently running mailserver that I know to be working. What I have done is I have captured user input for the required info for the SSL but every time I try to generate the SSL unattended with openssl it fails. Any chance someone can help me? I have tried the following which works for mysql changes but didnt work for me.

openssl req -new -x509 -days 3650 -nodes -out /etc/ssl/certs/postfix.pem -keyout /etc/ssl/private/postfix.pem<<EOF
$country
$state
$city
$org
$unit
$commonname
$email
EOF

This gets me as far as this and then I have to hit enter... not cool as I need to not have to hit anything. Any ideas?

Donal Fellows
  • 133,037
  • 18
  • 149
  • 215
John Stapleton
  • 122
  • 2
  • 9
  • There is an option `-batch` that assumes an ok whenever a decision is necessary. Is it that you were looking for? – Andy Nov 24 '12 at 11:44

1 Answers1

8

What I've used with SaltStack is:

openssl req -new -x509 -days 365 -nodes \
  -out /etc/ssl/certs/postfix.pem \
  -keyout /etc/ssl/private/postfix.pem \
  -subj "/C=RO/ST=Bucharest/L=Bucharest/O=IT/CN=www.example.ro"

Credit go to Sean P. Kane.

Félix Saparelli
  • 8,424
  • 6
  • 52
  • 67
Cristian VIDU
  • 81
  • 1
  • 2