Skip to content
Snippets Groups Projects
Commit 1fee4498 authored by nimrod's avatar nimrod
Browse files

init now creates the key and cert in 2 steps, skipping any file that already exists.

parent eb7def43
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
Makefile
+ 1
1
View file @ 1fee4498
...@@ -5,7 +5,7 @@ install: ...@@ -5,7 +5,7 @@ install:
chmod 755 /usr/local/bin/ssl-ca chmod 755 /usr/local/bin/ssl-ca
clean: clean:
rm -rf openssl.cnf certs keys CA.key CA.crt rm -rf openssl.cnf certs keys CA.key CA.crt CA.p12
test: clean test: clean
./ssl-ca init ./ssl-ca init
......
ssl-ca
+ 29
14
View file @ 1fee4498
...@@ -59,20 +59,35 @@ init () { ...@@ -59,20 +59,35 @@ init () {
else else
echo "$config" > "openssl.cnf" echo "$config" > "openssl.cnf"
fi fi
if [ -e CA.key ]
then
echo CA.key already exists, skipping.
else
openssl genrsa -out CA.key 2048
fi
if [ -e CA.crt ]
then
echo CA.crt already exists, skipping.
else
openssl req \ openssl req \
-x509 \ -x509 \
-config openssl.cnf \ -config openssl.cnf \
-new \ -new \
-newkey rsa:2048 \ -key CA.key \
-keyout CA.key \
-extensions v3_ca \ -extensions v3_ca \
-out CA.crt -out CA.crt
fi
if [ -e CA.p12 ]
then
echo PKCS12 file already exists, skipping.
else
openssl pkcs12 \ openssl pkcs12 \
-export \ -export \
-in CA.crt \ -in CA.crt \
-inkey CA.key \ -inkey CA.key \
-out CA.p12 \ -out CA.p12 \
-passout pass: -passout pass:
fi
} }
sign_key () { sign_key () {
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment