Use makecert for irc

beaglebone.txt

@@ -3357,22 +3357,11 @@ Create some ssl certificates:
 
 #+BEGIN_SRC: bash
 mkdir /home/ircserver/ircd/ssl
-openssl genrsa -out /home/ircserver/ircd/ssl/ircd.key 4096
-openssl req -new -x509 -sha256 -key /home/ircserver/ircd/ssl/ircd.key -out /home/ircserver/ircd/ssl/ircd.pem -days 3650
-#+END_SRC
-
-You will be asked for some details. The next step will take a few minutes to gather entropy, so go and do something else.
-
-#+BEGIN_SRC: bash
-openssl dhparam -out /home/ircserver/ircd/ssl/dhparam.pem 1024
-#+END_SRC
-
-Now alter the permissions on the files so that they're accessible to the /ircserver/ user:
-
-#+BEGIN_SRC: bash
-chmod 600 /home/ircserver/ircd/ssl/ircd.key
-chmod 600 /home/ircserver/ircd/ssl/ircd.pem
-chmod 600 /home/ircserver/ircd/ssl/dhparam.pem
+makecert ircd
+mv /etc/ssl/private/ircd.key /home/ircserver/ircd/ssl/
+mv /etc/ssl/certs/ircd.crt /home/ircserver/ircd/ssl/ircd.pem
+mv /etc/ssl/certs/ircd.dhparam /home/ircserver/ircd/ssl/dhparam.pem
+chmod 640 /home/ircserver/ircd/ssl/*
 chown -R ircserver:ircserver /home/ircserver/ircd
 chown -R ircserver:ircserver /home/ircserver/services
 #+END_SRC
@@ -7757,9 +7746,13 @@ chown prosody:prosody /etc/ssl/certs/xmpp.crt
 And regenerate the IRC server keys:
 
 #+BEGIN_SRC: bash
-openssl genrsa -out /home/ircserver/ircd/ssl/ircd.key 4096
-openssl req -new -x509 -sha256 -key /home/ircserver/ircd/ssl/ircd.key -out /home/ircserver/ircd/ssl/ircd.pem -days 3650
-openssl dhparam -out /home/ircserver/ircd/ssl/dhparam.pem 1024
+makecert ircd
+mv /etc/ssl/private/ircd.key /home/ircserver/ircd/ssl/
+mv /etc/ssl/certs/ircd.crt /home/ircserver/ircd/ssl/ircd.pem
+mv /etc/ssl/certs/ircd.dhparam /home/ircserver/ircd/ssl/dhparam.pem
+chmod 640 /home/ircserver/ircd/ssl/*
+chown -R ircserver:ircserver /home/ircserver/ircd
+chown -R ircserver:ircserver /home/ircserver/services
 #+END_SRC
 
 This will take a few minutes to gather entropy.