check_cert_for_dovecot.sh: creating DH parameter changes if debian version is 12 or above.

check_cert_for_dovecot.sh

@@ -119,6 +119,35 @@ blank_line() {
    fi
 }
 
+detect_os_1 () {
+
+   if $(which lsb_release > /dev/null 2>&1) ; then
+
+      os_dist="$(lsb_release -i | awk '{print tolower($3)}')"
+      os_version="$(lsb_release -r | awk '{print tolower($2)}')"
+      os_codename="$(lsb_release -c | awk '{print tolower($2)}')"
+
+      if [[ "$os_dist" = "debian" ]]; then
+         if $(echo "$os_version" | grep -q '\.') ; then
+            os_version=$(echo "$os_version" | cut --delimiter='.' -f1)
+         fi
+      fi
+
+   elif [[ -e "/etc/os-release" ]]; then
+
+      . /etc/os-release
+
+      os_dist=$ID
+      os_version=${VERSION_ID}
+
+   fi
+
+   # remove whitespace from os_dist and os_version
+   os_dist="${os_dist// /}"
+   os_version="${os_version// /}"
+
+}
+
 
 # -------------
 # - Job is already running?
@@ -166,6 +195,14 @@ else
 fi
 
 
+# - Detect OS - Set variable
+# -    os_dist
+# -    os_version
+# -    os_codename
+# -
+detect_os_1
+
+
 # - Read Configurations from $conf_file
 # -
 if [[ ! -f "$conf_file" ]]; then
@@ -271,7 +308,11 @@ echononl "   Create SSL DH parameters '$dh_pem_file'.."
 if [[ -s "$dh_pem_file" ]]; then
    echo_skipped
 else
+   if [[ "$os_dist" = "debian" ]] && [[ $os_version -gt 11 ]] ; then
+      openssl dhparam -out "$dh_pem_file" 4096 > $log_file 2>&1
+   else
       openssl dhparam -dsaparam -out "$dh_pem_file" 4096 > $log_file 2>&1
+   fi
    if [[ $? -eq 0 ]] ; then
       echo_done
    else