CA.sh: add revocation
parent
2023685c1a
commit
1d94fee682
24
misc/CA.sh
24
misc/CA.sh
@ -25,7 +25,7 @@ END_BOLD="</b>"
|
|||||||
|
|
||||||
usage()
|
usage()
|
||||||
{
|
{
|
||||||
echo "Usage: $0 (-newca|-newserver|-newclient NAME)"
|
echo "Usage: $0 (-newca|-newserver|-newclient NAME|-revoke NAME)"
|
||||||
exit 1
|
exit 1
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -39,7 +39,7 @@ clean()
|
|||||||
mkdir -p ${TOP_DIR}/private
|
mkdir -p ${TOP_DIR}/private
|
||||||
mkdir -p ${TOP_DIR}/pkcs
|
mkdir -p ${TOP_DIR}/pkcs
|
||||||
elif [ "$1" = "client" ]; then
|
elif [ "$1" = "client" ]; then
|
||||||
rm -rf ${2}.key ${2}.csr ${2}.crt
|
rm -rf ${2}.key ${2}.csr
|
||||||
fi
|
fi
|
||||||
rm -rf $OUTPUT
|
rm -rf $OUTPUT
|
||||||
}
|
}
|
||||||
@ -173,17 +173,35 @@ case $1 in
|
|||||||
-passin pass:$pass -out ${TOP_DIR}/pkcs/${2}.p12 \
|
-passin pass:$pass -out ${TOP_DIR}/pkcs/${2}.p12 \
|
||||||
-passout pass:$pass > $OUTPUT 2>&1
|
-passout pass:$pass > $OUTPUT 2>&1
|
||||||
if [ $? -ne 0 ]; then
|
if [ $? -ne 0 ]; then
|
||||||
echo -e "${RED}pkcs12 export failed${COLOR_RST} for ${BOLD}$2${END_BOLD}"
|
echo -e "${RED}pkcs12 export failed for ${BOLD}$2${END_BOLD}${COLOR_RST}"
|
||||||
cat $OUTPUT
|
cat $OUTPUT
|
||||||
clean "client" $2
|
clean "client" $2
|
||||||
exit 4
|
exit 4
|
||||||
else
|
else
|
||||||
echo -e "Exported pkcs12 file is ${2}.p12"
|
echo -e "Exported pkcs12 file is ${2}.p12"
|
||||||
fi
|
fi
|
||||||
|
mv ${2}.crt ${TOP_DIR}/certs
|
||||||
# TODO handle this file
|
# TODO handle this file
|
||||||
echo "$2:$pass" >> teams.pass
|
echo "$2:$pass" >> teams.pass
|
||||||
clean "client" $2
|
clean "client" $2
|
||||||
;;
|
;;
|
||||||
|
"-revoke" )
|
||||||
|
if [ $# -ne 2 ]; then
|
||||||
|
echo "Usage: $0 -revoke NAME"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
echo -e "${GREEN}Revocate ${BOLD}${2}${END_BOLD}${COLOR_RST}"
|
||||||
|
openssl ca -revoke ${TOP_DIR}/certs/${2}.crt -config ${OPENSSL_CONF}\
|
||||||
|
-keyfile ${TOP_DIR}/private/${CAKEY} \
|
||||||
|
-cert ${TOP_DIR}/${CACERT} > $OUTPUT 2>&1
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
echo -e "${RED}Revocation failed for ${BOLD}${2}${END_BOLD}${COLOR_RST}"
|
||||||
|
cat $OUTPUT
|
||||||
|
exit 4
|
||||||
|
fi
|
||||||
|
rm ${TOP_DIR}/certs/${2}.crt
|
||||||
|
rm ${TOP_DIR}/pkcs/${2}.p12
|
||||||
|
;;
|
||||||
* )
|
* )
|
||||||
usage
|
usage
|
||||||
;;
|
;;
|
||||||
|
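Review bot: The new `-revoke` arm only marks the certificate as revoked in the CA database and never issues a CRL, so unless a CRL is generated and published elsewhere in the script, services that verify client certificates will keep accepting the revoked one. After the successful `openssl ca -revoke`, add a step such as `openssl ca -gencrl -config "${OPENSSL_CONF}" -out "<CRL_PATH>"` (the output path is a placeholder; pass the same `-keyfile`/`-cert` options as the revoke call) and have the verifying side reload it. NAME (`$2`) is also used unquoted and unvalidated in `${TOP_DIR}/certs/${2}.crt` and in both `rm` calls, so a value containing `/`, `..` or whitespace would address files outside `certs/` and `pkcs/`. Quote those expansions and reject such names before the `openssl` call, for example `case "$2" in ""|*/*|*..*) usage ;; esac`. The matching `NAME:pass` line appended to `teams.pass` in the client arm is left in place after revocation, which may be worth a comment or cleanup here.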