autoconfssl

1. #!/usr/bin/bash
2. OPENSSL=/usr/bin/openssl
3. SSLDIR=/tmp/generatedCA
4. echo
5. echo -e "\e[95m~ SSL Bump autoconfig script ~\e[0m"
6. echo
7. echo -e "\e[32mStopping web proxy service if running...\e[0m"
8. squidctrl stop
9. echo -e "\e[32mDownloading extra configurations...\e[0m"
10. wget -q http://pastebin.com/raw.php?i=PN6KQDVJ -O /etc/squid/squid.conf.pre.local
11. wget -q http://pastebin.com/raw.php?i=0WqjpwXN -O /etc/squid/storeid
12. chmod +x /etc/squid/storeid
13. echo -e "Initializing certificates database...\e[0m"
14. /usr/lib/squid/ssl_crtd -c -s /var/ipfire/ssl_db
15. chown -R squid:squid /var/ipfire/ssl_db
16. echo -e "\e[32mCreating self-signed certificate, please provide correct information on next step...\e[0m"
17. mkdir -p $SSLDIR || exit 1
18. rm -rf $SSLDIR/*
19. [ -e $SSLDIR/squid.key ] || $OPENSSL genrsa 4096 > $SSLDIR/squid.key
20. [ -e $SSLDIR/squid.pem ] || $OPENSSL req -new -x509 -days 3650 -key $SSLDIR/squid.key -out $SSLDIR/squid.pem
21. [ -e $SSLDIR/client.crt ] || $OPENSSL x509 -in $SSLDIR/squid.pem -outform DER -out $SSLDIR/client.crt
22. mkdir -p  /etc/squid/certs || exit 1
23. cp $SSLDIR/squid.key /etc/squid/certs
24. cp $SSLDIR/squid.pem /etc/squid/certs
25. cp $SSLDIR/client.crt /srv/web/ipfire/html/
26. echo -e "\e[31mDone! Do NOT forget to set iptables to support HTTPS interception!\e[0m"
27. echo -e "\e[31mDouble- or triple- check your web proxy configuration before you start web proxy service!\e[0m"