CA.sh: fixed newserver

misc/CA.sh

@@ -1,7 +1,7 @@
 # TODO key usage
 
 if [[ -z "${TOP_DIR}" ]]; then
-    TOP_DIR=fic_pki
+    TOP_DIR=pki
 fi
 
 if [[ -z "${OPENSSL_CONF}" ]]; then
@@ -51,7 +51,7 @@ case $1 in
             exit 5
         fi
 
-        pass=`pwgen 10 1`
+        pass=`pwgen -n -B -y 12 1`
 
         openssl req -batch -new -keyout ${TOP_DIR}/private/${CAKEY}         \
                     -out ${TOP_DIR}/${CAREQ} -passout pass:$pass            \
@@ -74,9 +74,11 @@ case $1 in
             exit 2
         fi
         sed -i 's/=.*#COMMONNAME/= FIC2014 Server #COMMONNAME/' $OPENSSL_CONF
-        openssl req -batch -new -keyout server.key -out server.csr -days ${DAYS}
+        openssl req -batch -new -keyout server.key -out server.csr          \
+                    -days ${DAYS} -config ${OPENSS_CONF}
         echo -e "${GREEN}Signing the Server crt${COLOR_RST}"
-        openssl ca -policy policy_match -out server.crt -infiles server.csr
+        openssl ca -policy policy_match -config ${OPENSSL_CONF}             \
+                   -out server.crt -infiles server.csr
         if [ $? -ne 0 ]; then
             echo -e "${RED}Signing failed for new server${COLOR_RST}"
             rm -rf server.key server.crt server.csr
@@ -106,7 +108,7 @@ case $1 in
             exit 5
         fi
 
-        pass=`pwgen 10 1`
+        pass=`pwgen -n -B -y 12 1`
 
         openssl req -batch -new -keyout ${2}.key -out ${2}.csr              \
                     -config ${OPENSSL_CONF} -passout pass:$pass -days ${DAYS}