/usr/bin/icinga2-build-ca is in icinga2-common 2.1.1-1.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 | #!/bin/sh
ICINGA2PKIDIR=/usr/share/icinga2/pki
. $ICINGA2PKIDIR/pkifuncs
check_pki_dir
if [ `ls -1 -- $ICINGA_CA | wc -l` != 0 ]; then
echo "The Icinga CA directory must be empty." >&2
exit 1
fi
chmod 700 $ICINGA_CA >/dev/null 2>&1
echo '01' > $ICINGA_CA/serial
touch $ICINGA_CA/index.txt
cp $ICINGA2PKIDIR/vars $ICINGA_CA/
. $ICINGA_CA/vars
KEY_DIR=$ICINGA_CA openssl req -config $ICINGA2PKIDIR/openssl-quiet.cnf -new -newkey rsa:4096 -x509 -days 3650 -keyform PEM -keyout $ICINGA_CA/ca.key -outform PEM -out $ICINGA_CA/ca.crt && \
chmod 600 $ICINGA_CA/ca.key && \
echo -e "\n\tIf you want to change the default settings for server certificates check out \"$ICINGA_CA/vars\".\n"
|