/usr/bin/charybdis-genssl is in charybdis 3.4.2-3.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 | #!/bin/sh
prefix="/usr"
exec_prefix="${prefix}"
sysconfdir="/etc/charybdis"
echo "Generating self-signed certificate .. "
openssl req -x509 -nodes -newkey rsa:1024 -keyout "${sysconfdir}"/ssl.key -out "${sysconfdir}"/ssl.cert
echo "Generating Diffie-Hellman file for secure SSL/TLS negotiation .. "
openssl dhparam -out "${sysconfdir}"/dh.pem 1024
# If sysconfdir is relative to prefix, make the path relative. I.e.,
# prefix=/usr and sysconfdir=/etc -> relative_sysconfdir=/etc,
# prefix=/home/binki/chary and sysconfdir=/home/binki/chary/etc ->
# relative_sysconfdir=etc
relative_sysconfdir="${sysconfdir#${prefix%/}/}"
relative_sysconfdir="${relative_sysconfdir%/}"
cat <<EOF
Now change these lines in the IRCd config file:
ssl_private_key = "${relative_sysconfdir}/ssl.key";
ssl_cert = "${relative_sysconfdir}/ssl.cert";
ssl_dh_params = "${relative_sysconfdir}/dh.pem";
Enjoy using ssl.
EOF
|