Rename TOP_DIR to PKI_DIR
parent
3aedea2cab
commit
1d65c5a836
44
misc/CA.sh
44
misc/CA.sh
@ -2,16 +2,16 @@
|
|||||||
|
|
||||||
cd $(dirname "$0")
|
cd $(dirname "$0")
|
||||||
|
|
||||||
if [ -z "${TOP_DIR}" ]; then
|
if [ -z "${PKI_DIR}" ]; then
|
||||||
TOP_DIR=pki
|
PKI_DIR=pki
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -z "${OPENSSL_CONF}" ]; then
|
if [ -z "${OPENSSL_CONF}" ]; then
|
||||||
OPENSSL_CONF=openssl.cnf
|
OPENSSL_CONF=openssl.cnf
|
||||||
fi
|
fi
|
||||||
|
|
||||||
CAKEY=${TOP_DIR}/private/cakey.key
|
CAKEY=${PKI_DIR}/private/cakey.key
|
||||||
CAREQ=${TOP_DIR}/careq.csr
|
CAREQ=${PKI_DIR}/careq.csr
|
||||||
CACRT=./shared/cacert.crt
|
CACRT=./shared/cacert.crt
|
||||||
|
|
||||||
SRVKEY=./shared/server.key
|
SRVKEY=./shared/server.key
|
||||||
@ -47,16 +47,16 @@ usage()
|
|||||||
clean()
|
clean()
|
||||||
{
|
{
|
||||||
if [ "$1" = "ca" ]; then
|
if [ "$1" = "ca" ]; then
|
||||||
rm -rf ${TOP_DIR} ./shared/*
|
rm -rf ${PKI_DIR}/* ./shared/*
|
||||||
mkdir -p ${TOP_DIR}/certs
|
mkdir -p ${PKI_DIR}/certs
|
||||||
mkdir -p ${TOP_DIR}/crl
|
mkdir -p ${PKI_DIR}/crl
|
||||||
mkdir -p ${TOP_DIR}/newcerts
|
mkdir -p ${PKI_DIR}/newcerts
|
||||||
mkdir -p ${TOP_DIR}/private
|
mkdir -p ${PKI_DIR}/private
|
||||||
mkdir -p ${TOP_DIR}/pkcs
|
mkdir -p ${PKI_DIR}/pkcs
|
||||||
mkdir -p ./shared
|
mkdir -p ./shared
|
||||||
echo "01" > ${TOP_DIR}/crlnumber
|
echo "01" > ${PKI_DIR}/crlnumber
|
||||||
elif [ "$1" = "client" ]; then
|
elif [ "$1" = "client" ]; then
|
||||||
rm -rf ${TOP_DIR}/${2}.key ${TOP_DIR}/${2}.csr
|
rm -rf ${PKI_DIR}/${2}.key ${PKI_DIR}/${2}.csr
|
||||||
fi
|
fi
|
||||||
rm -rf $OUTPUT
|
rm -rf $OUTPUT
|
||||||
}
|
}
|
||||||
@ -81,9 +81,9 @@ case $1 in
|
|||||||
echo $ECHO_OPTS "${GREEN}Create the directories, take care this will delete the old directories ${COLOR_RST}"
|
echo $ECHO_OPTS "${GREEN}Create the directories, take care this will delete the old directories ${COLOR_RST}"
|
||||||
|
|
||||||
clean "ca"
|
clean "ca"
|
||||||
touch ${TOP_DIR}/index.txt
|
touch ${PKI_DIR}/index.txt
|
||||||
|
|
||||||
ESCAPED=$(echo "${TOP_DIR}" | sed 's/[\/\.]/\\&/g')
|
ESCAPED=$(echo "${PKI_DIR}" | sed 's/[\/\.]/\\&/g')
|
||||||
|
|
||||||
echo $ECHO_OPTS "${GREEN}Making CA key and csr${COLOR_RST}"
|
echo $ECHO_OPTS "${GREEN}Making CA key and csr${COLOR_RST}"
|
||||||
sed -i 's/=.*#COMMONNAME/= FIC CA #COMMONNAME/' $OPENSSL_CONF
|
sed -i 's/=.*#COMMONNAME/= FIC CA #COMMONNAME/' $OPENSSL_CONF
|
||||||
@ -178,15 +178,15 @@ case $1 in
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
CLTNAM=$2
|
CLTNAM=$2
|
||||||
CLTREQ=${TOP_DIR}/${CLTNAM}.csr
|
CLTREQ=${PKI_DIR}/${CLTNAM}.csr
|
||||||
CLTCRT=${TOP_DIR}/certs/${CLTNAM}.crt
|
CLTCRT=${PKI_DIR}/certs/${CLTNAM}.crt
|
||||||
CLTKEY=${TOP_DIR}/${CLTNAM}.key
|
CLTKEY=${PKI_DIR}/${CLTNAM}.key
|
||||||
CLTP12=${TOP_DIR}/pkcs/${CLTNAM}.p12
|
CLTP12=${PKI_DIR}/pkcs/${CLTNAM}.p12
|
||||||
|
|
||||||
echo "=============================================================="
|
echo "=============================================================="
|
||||||
echo $ECHO_OPTS "${GREEN}Making the client key and csr of ${BOLD}${2}${END_BOLD}${COLOR_RST}"
|
echo $ECHO_OPTS "${GREEN}Making the client key and csr of ${BOLD}${2}${END_BOLD}${COLOR_RST}"
|
||||||
|
|
||||||
ESCAPED=$(echo "${TOP_DIR}" | sed 's/[\/\.]/\\&/g')
|
ESCAPED=$(echo "${PKI_DIR}" | sed 's/[\/\.]/\\&/g')
|
||||||
sed -i "s/=.*#DIR/= ${ESCAPED} #DIR/" $OPENSSL_CONF
|
sed -i "s/=.*#DIR/= ${ESCAPED} #DIR/" $OPENSSL_CONF
|
||||||
|
|
||||||
if ! [ -f ${CAKEY} ]; then
|
if ! [ -f ${CAKEY} ]; then
|
||||||
@ -232,7 +232,7 @@ case $1 in
|
|||||||
else
|
else
|
||||||
echo $ECHO_OPTS "Exported pkcs12 file is ${CLTP12}"
|
echo $ECHO_OPTS "Exported pkcs12 file is ${CLTP12}"
|
||||||
fi
|
fi
|
||||||
echo "$CLTNAM:$pass" >> ${TOP_DIR}/../teams.pass
|
echo "$CLTNAM:$pass" >> ${PKI_DIR}/../teams.pass
|
||||||
echo "$CLTNAM:$pass"
|
echo "$CLTNAM:$pass"
|
||||||
clean "client" ${CLTNAM}
|
clean "client" ${CLTNAM}
|
||||||
;;
|
;;
|
||||||
@ -244,8 +244,8 @@ case $1 in
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
CLTNAM=$2
|
CLTNAM=$2
|
||||||
CLTCRT=${TOP_DIR}/certs/${CLTNAM}.crt
|
CLTCRT=${PKI_DIR}/certs/${CLTNAM}.crt
|
||||||
CLTP12=${TOP_DIR}/pkcs/${CLTNAM}.p12
|
CLTP12=${PKI_DIR}/pkcs/${CLTNAM}.p12
|
||||||
|
|
||||||
echo $ECHO_OPTS "${GREEN}Revocate ${BOLD}${CLTNAM}${END_BOLD}${COLOR_RST}"
|
echo $ECHO_OPTS "${GREEN}Revocate ${BOLD}${CLTNAM}${END_BOLD}${COLOR_RST}"
|
||||||
if ! openssl ca -revoke "${CLTCRT}" -config "${OPENSSL_CONF}" \
|
if ! openssl ca -revoke "${CLTCRT}" -config "${OPENSSL_CONF}" \
|
||||||
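Review bot: In the `clean()` hunk the new `rm -rf ${PKI_DIR}/* ./shared/*` expands `PKI_DIR` unquoted, and that value is taken from the environment (the PHP callers set it with `putenv`), so a path containing whitespace or glob characters is split into several `rm -rf` targets. Quote it and keep a cheap guard against an empty value, even though the top of the script defaults it to `pki`: `rm -rf -- "${PKI_DIR:?}"/* ./shared/*`. The same quoting applies to `rm -rf ${PKI_DIR}/${2}.key ${PKI_DIR}/${2}.csr` in the `client` branch, where `$2` is the client name. This line also changes behaviour beyond the rename in the title: the directory itself is now kept and only its non-hidden entries are removed, which deserves a sentence in the commit message.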
|
@ -26,14 +26,14 @@ function new_client($name, $misc_dir)
|
|||||||
{
|
{
|
||||||
//TODO handle if already exist
|
//TODO handle if already exist
|
||||||
putenv("OPENSSL_CONF=$misc_dir/openssl.cnf");
|
putenv("OPENSSL_CONF=$misc_dir/openssl.cnf");
|
||||||
putenv("TOP_DIR=$misc_dir/pki");
|
putenv("PKI_DIR=$misc_dir/pki");
|
||||||
return shell_exec("$misc_dir/CA.sh -newclient $name");
|
return shell_exec("$misc_dir/CA.sh -newclient $name");
|
||||||
}
|
}
|
||||||
|
|
||||||
function revoke_client($name, $misc_dir)
|
function revoke_client($name, $misc_dir)
|
||||||
{
|
{
|
||||||
putenv("OPENSSL_CONF=$misc_dir/openssl.cnf");
|
putenv("OPENSSL_CONF=$misc_dir/openssl.cnf");
|
||||||
putenv("TOP_DIR=$misc_dir/pki");
|
putenv("PKI_DIR=$misc_dir/pki");
|
||||||
return shell_exec("$misc_dir/CA.sh -revoke $name");
|
return shell_exec("$misc_dir/CA.sh -revoke $name");
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -50,7 +50,7 @@ if (!empty($p[2]))
|
|||||||
if ($p[2] == "newca")
|
if ($p[2] == "newca")
|
||||||
{
|
{
|
||||||
putenv("OPENSSL_CONF=$misc_dir/openssl.cnf");
|
putenv("OPENSSL_CONF=$misc_dir/openssl.cnf");
|
||||||
putenv("TOP_DIR=$misc_dir/pki");
|
putenv("PKI_DIR=$misc_dir/pki");
|
||||||
$template->assign("output",
|
$template->assign("output",
|
||||||
shell_exec("$misc_dir/CA.sh -newca"));
|
shell_exec("$misc_dir/CA.sh -newca"));
|
||||||
return "admin/shell";
|
return "admin/shell";
|
||||||
@ -65,7 +65,7 @@ if (!empty($p[2]))
|
|||||||
elseif ($p[2] == "newsrv")
|
elseif ($p[2] == "newsrv")
|
||||||
{
|
{
|
||||||
putenv("OPENSSL_CONF=$misc_dir/openssl.cnf");
|
putenv("OPENSSL_CONF=$misc_dir/openssl.cnf");
|
||||||
putenv("TOP_DIR=$misc_dir/pki");
|
putenv("PKI_DIR=$misc_dir/pki");
|
||||||
$template->assign("output",
|
$template->assign("output",
|
||||||
shell_exec("$misc_dir/CA.sh -newserver"));
|
shell_exec("$misc_dir/CA.sh -newserver"));
|
||||||
return "admin/shell";
|
return "admin/shell";
|
||||||
@ -74,7 +74,7 @@ if (!empty($p[2]))
|
|||||||
elseif ($p[2] == "revokesrv")
|
elseif ($p[2] == "revokesrv")
|
||||||
{
|
{
|
||||||
putenv("OPENSSL_CONF=$misc_dir/openssl.cnf");
|
putenv("OPENSSL_CONF=$misc_dir/openssl.cnf");
|
||||||
putenv("TOP_DIR=$misc_dir/pki");
|
putenv("PKI_DIR=$misc_dir/pki");
|
||||||
$template->assign("output",
|
$template->assign("output",
|
||||||
shell_exec("$misc_dir/CA.sh -revokeserver"));
|
shell_exec("$misc_dir/CA.sh -revokeserver"));
|
||||||
return "admin/shell";
|
return "admin/shell";
|
||||||
|
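Review bot: `new_client()` and `revoke_client()` interpolate `$name` straight into the `shell_exec()` command line, so any shell metacharacter in a client name is interpreted by the shell; the rename leaves this untouched. Where `$name` originates is not visible in these hunks, but it should be escaped regardless: `return shell_exec(escapeshellarg("$misc_dir/CA.sh") . " -newclient " . escapeshellarg($name));` and likewise for `-revoke`. Since CA.sh builds file paths under `PKI_DIR` from that name, also reject names that do not match a fixed pattern such as `/^[A-Za-z0-9_-]+$/` before calling the script. The `putenv("OPENSSL_CONF=…")` / `putenv("PKI_DIR=…")` pair is repeated at all five call sites and could move into one helper, so the next rename touches a single place.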