From 716e1e7ccdfac9fa681d1dc5ababc74ce914d4b9 Mon Sep 17 00:00:00 2001
From: nemunaire
Date: Thu, 20 Nov 2014 17:32:46 +0100
Subject: [PATCH] Can revoke server certificate
---
 misc/CA.sh | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
diff --git a/misc/CA.sh b/misc/CA.sh
index 502915e5..fc5245cc 100755
--- a/misc/CA.sh
+++ b/misc/CA.sh
@@ -146,6 +146,26 @@ case $1 in
 echo $ECHO_OPTS "${GREEN}Signed certificate is in server.crt${COLOR_RST}"
 fi
 ;;
+
+ "-revokeserver" )
+ echo $ECHO_OPTS "${GREEN}Revocate server certificate${COLOR_RST}"
+ if ! [ -f ${TOP_DIR}/private/${CAKEY} ]; then
+ echo $ECHO_OPTS "${RED}Can not found the CA's key${COLOR_RST}"
+ exit 2
+ fi
+ openssl ca -revoke server.crt -config ${OPENSSL_CONF}\
+ -keyfile ${TOP_DIR}/private/${CAKEY} \
+ -cert ${TOP_DIR}/${CACERT} > $OUTPUT 2>&1
+ if [ $? -ne 0 ]; then
+ echo $ECHO_OPTS "${RED}Server certificate revocation failed${COLOR_RST}"
+ cat $OUTPUT
+ exit 4
+ fi
+ rm ${TOP_DIR}/server.crt ${TOP_DIR}/server.key
+
+ gen_crl
+ ;;
+
 "-newclient" )
 if [ $# -ne 2 ]; then
 echo "Usage: $0 -newclient NAME"
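Review bot: The revoke call reads `server.crt` relative to the current directory, while the cleanup a few lines later deletes `${TOP_DIR}/server.crt` and `${TOP_DIR}/server.key`, so unless the script has already changed into `${TOP_DIR}` (not visible in this hunk) the certificate that is revoked and the files that are deleted can be different ones. Using the same quoted path in both places removes the ambiguity: `openssl ca -revoke "${TOP_DIR}/server.crt" -config "${OPENSSL_CONF}" \`. Relying parties only see the revocation once the CRL is regenerated, yet the status of `gen_crl` is not checked and it runs after the certificate and key have already been removed. `gen_crl` is defined outside the hunk, so if it does not exit on failure by itself, consider `gen_crl || exit $?` placed before the `rm`. The enclosing `case` statement starts and ends outside the hunk.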