Aug 5, 2024: iRedMail-1.7.1 has been released.

**tmassey** · 2015-01-10 04:37:00

tmassey
Member
Offline

From: Detroit, Michigan
Registered: 2015-01-07
Posts: 3

Topic: Patch: update generate_ssl_keys.sh to generate keys using SHA-2

Here is a very quick patch to allow iRedMail to generate self-signed SSL keys using SHA-2 (sha256), which is a requirement for keys that expire after 2016 (Reference: https://support.godaddy.com/help/articl … h-function ):

--- org/generate_ssl_keys.sh    2015-01-09 15:29:29.000000000 -0500
+++ new/generate_ssl_keys.sh    2015-01-09 15:30:02.000000000 -0500
@@ -69,7 +69,7 @@
     mkdir -p {certs,private} 2>/dev/null

     openssl req \
-        -x509 -nodes -days 3650 -newkey rsa:2048 \
+        -x509 -nodes -days 3650 -newkey rsa:2048 -sha256 \
         -subj "/C=${TLS_COUNTRY}/ST=${TLS_STATE}/L=${TLS_CITY}/O=${TLS_COMPANY}/OU=${TLS_DEPARTMENT}/CN=${TLS_HOSTNAME}/emailAddress=${TLS_ADMIN}/" \
         -out ${SSL_CERT_FILE} -keyout ${SSL_KEY_FILE} >/dev/null 2>&1

If there is a better way of communicating such issues, please let me know.

Tim Massey

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

**ZhangHuangbin** · 2015-01-10 08:25:02

ZhangHuangbin
iRedMail Developers
Offline

Registered: 2009-05-06
Posts: 31,094

Re: Patch: update generate_ssl_keys.sh to generate keys using SHA-2

Thanks for sharing, I will fix it later.

Aug 5, 2024: iRedMail-1.7.1 has been released.

Patch: update generate_ssl_keys.sh to generate keys using SHA-2

Posts: 2

1 Topic by tmassey 2015-01-10 04:37:00

Topic: Patch: update generate_ssl_keys.sh to generate keys using SHA-2

2 Reply by ZhangHuangbin 2015-01-10 08:25:02

Re: Patch: update generate_ssl_keys.sh to generate keys using SHA-2

Posts: 2