Advertisement
ujiajah1

autoconfssl

Feb 19th, 2016
140
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 1.36 KB | None | 0 0
  1. #!/usr/bin/bash
  2. OPENSSL=/usr/bin/openssl
  3. SSLDIR=/tmp/generatedCA
  4. echo
  5. echo -e "\e[95m~ SSL Bump autoconfig script ~\e[0m"
  6. echo
  7. echo -e "\e[32mStopping web proxy service if running...\e[0m"
  8. squidctrl stop
  9. echo -e "\e[32mDownloading extra configurations...\e[0m"
  10. wget -q http://pastebin.com/raw.php?i=PN6KQDVJ -O /etc/squid/squid.conf.pre.local
  11. wget -q http://pastebin.com/raw.php?i=0WqjpwXN -O /etc/squid/storeid
  12. chmod +x /etc/squid/storeid
  13. echo -e "Initializing certificates database...\e[0m"
  14. /usr/lib/squid/ssl_crtd -c -s /var/ipfire/ssl_db
  15. chown -R squid:squid /var/ipfire/ssl_db
  16. echo -e "\e[32mCreating self-signed certificate, please provide correct information on next step...\e[0m"
  17. mkdir -p $SSLDIR || exit 1
  18. rm -rf $SSLDIR/*
  19. [ -e $SSLDIR/squid.key ] || $OPENSSL genrsa 4096 > $SSLDIR/squid.key
  20. [ -e $SSLDIR/squid.pem ] || $OPENSSL req -new -x509 -days 3650 -key $SSLDIR/squid.key -out $SSLDIR/squid.pem
  21. [ -e $SSLDIR/client.crt ] || $OPENSSL x509 -in $SSLDIR/squid.pem -outform DER -out $SSLDIR/client.crt
  22. mkdir -p  /etc/squid/certs || exit 1
  23. cp $SSLDIR/squid.key /etc/squid/certs
  24. cp $SSLDIR/squid.pem /etc/squid/certs
  25. cp $SSLDIR/client.crt /srv/web/ipfire/html/
  26. echo -e "\e[31mDone! Do NOT forget to set iptables to support HTTPS interception!\e[0m"
  27. echo -e "\e[31mDouble- or triple- check your web proxy configuration before you start web proxy service!\e[0m"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement