init now creates the key and cert in 2 steps, skipping any file that already exists.

1fee4498 · nimrod · eb7def43 · 1fee4498 · 1fee4498
Commit 1fee4498 authored 9 years ago by nimrod
--- a/Makefile
+++ b/Makefile
@@ -5,7 +5,7 @@ install:
 	chmod 755 /usr/local/bin/ssl-ca
 clean:
-	rm -rf openssl.cnf certs keys CA.key CA.crt
+	rm -rf openssl.cnf certs keys CA.key CA.crt CA.p12
 test: clean
 	./ssl-ca init

--- a/ssl-ca
+++ b/ssl-ca
@@ -59,20 +59,35 @@ init () {
    else
        echo "$config" > "openssl.cnf"
    fi
-    openssl req \
+    if [ -e CA.key ]
-        -x509 \
+    then
-        -config openssl.cnf \
+        echo CA.key already exists, skipping.
-        -new \
+    else
-        -newkey rsa:2048 \
+        openssl genrsa -out CA.key 2048
-        -keyout CA.key \
+    fi
-        -extensions v3_ca \
+    if [ -e CA.crt ]
-        -out CA.crt
+    then
-    openssl pkcs12 \
+        echo CA.crt already exists, skipping.
-        -export \
+    else
-        -in CA.crt \
+        openssl req \
-        -inkey CA.key \
+            -x509 \
-        -out CA.p12 \
+            -config openssl.cnf \
-        -passout pass:
+            -new \
+            -key CA.key \
+            -extensions v3_ca \
+            -out CA.crt
+    fi
+    if [ -e CA.p12 ]
+    then
+        echo PKCS12 file already exists, skipping.
+    else
+        openssl pkcs12 \
+            -export \
+            -in CA.crt \
+            -inkey CA.key \
+            -out CA.p12 \
+            -passout pass:
+    fi
 }
 sign_key () {