#!/usr/bin/bash
export CN=$1
./create-key $CN
pushd certs
# The default algorithm is sha256 with Postfix ≥ 3.6 and the compatibility_level set to 3.6 or higher. 
# With Postfix ≤ 3.5, the default algorithm is md5.
# https://www.postfix.org/postconf.5.html#relay_clientcerts
openssl x509 -in $CN.crt -noout -pubkey | openssl pkey -pubin -outform DER | openssl dgst -md5 -c | ( read D FP; echo $FP $CN ) >>relay_clientcerts
cp $CN.key ~/kopano-docker/etc-$CN/ssl/private
# https://ubuntu.com/server/docs/security-trust-store
cp kopano-ca.crt ~/kopano-docker/etc-$CN/ssl/usr-local-share-ca-certificates
cat kopano-ca.crt $CN.crt >~/kopano-docker/etc-$CN/ssl/$CN-full-chain.pem
popd