temporary checkin

2016-02-22 03:29:17 -05:00 · 2016-02-22 03:29:17 -05:00 · c72dc5389b
commit c72dc5389b
parent b35241f7d0
6 changed files with 35 additions and 22 deletions
--- a/gen.ca.cert.sh
+++ b/gen.ca.cert.sh
@ -2,5 +2,5 @@
 set -e

 echo "Generating CA certificate..."
-openssl req -config ${rootdir}/openssl.cnf -key ${rootdir}/key/ca.key -new -x509 -days 3650 -extensions v3_ca -out ${rootdir}/crt/ca.crt > /dev/null 2>&1
+openssl req -config ${rootdir}/openssl.cnf -key ${rootdir}/key/ca.key -new -x509 -days 3650 -extensions v3_ca -subj "/CN=${ORGNAME}\(CA\)/O=${ORGNAME}/C=${ORGCNTRY}/ST=${ORGSTATE}/L=${ORGCITY}" -out ${rootdir}/crt/ca.crt > /dev/null 2>&1
 chmod 444 ${rootdir}/crt/ca.crt
--- a/gen.intermediate.csr.sh
+++ b/gen.intermediate.csr.sh
@ -2,4 +2,4 @@
 set -e

 echo "Generating intermediate CSR..."
-openssl req -config ${rootdir}/intermediate/openssl.cnf -new -sha512 -key ${rootdir}/intermediate/key/intermediate.key -out ${rootdir}/intermediate/csr/intermediate.csr > /dev/null 2>&1
+openssl req -config ${rootdir}/intermediate/openssl.cnf -new -sha512 -subj "/CN=${ORGNAME}\(intermediate\)/O=${ORGNAME}/C=${ORGCNTRY}/ST=${ORGSTATE}/L=${ORGCITY}" -key ${rootdir}/intermediate/key/intermediate.key -out ${rootdir}/intermediate/csr/intermediate.csr > /dev/null 2>&1
--- a/gen.intermediate.key.sh
+++ b/gen.intermediate.key.sh
@ -2,5 +2,5 @@
 set -e

 echo "Generating intermediate key..."
-openssl genrsa -out ${rootdir}/intermdiate/key/ca.key 4096 > /dev/null 2>&1
-chmod 400 ${rootdir}/intermediate/key/ca.key
+openssl genrsa -out ${rootdir}/intermediate/key/intermediate.key 4096 > /dev/null 2>&1
+chmod 400 ${rootdir}/intermediate/key/intermediate.key
--- a/gen.serverclient.csr.sh
+++ b/gen.serverclient.csr.sh
@ -2,4 +2,4 @@
 set -e

 echo "Generating CSR (${1})..."
-openssl req -config ${rootdir}/intermediate/openssl.cnf -new -sha512 -key ${rootdir}/key/${1}.key -out ${rootdir}/csr/${1}.csr > /dev/null 2>&1
+openssl req -config ${rootdir}/intermediate/openssl.cnf -new -sha512 -subj "/CN=${1}/O=${ORGNAME}/C=${ORGCNTRY}/ST=${ORGSTATE}/L=${ORGCITY}" -key ${rootdir}/key/${1}.key -out ${rootdir}/csr/${1}.csr > /dev/null 2>&1
--- a/new.ca.sh
+++ b/new.ca.sh
@ -1,27 +1,31 @@
 #!/bin/bash
 set -e
+set -x


-rootdir='/root/ssl/ca'
+rootdir='/tmp/ssl/ca'
 bindir="$(dirname ${0})"
 export rootdir
 export bindir

-echo "If you continue, I will completely DELETE (if found):"
-echo " ${rootdir}/key"
-echo " ${rootdir}/crt"
-echo " ${rootdir}/crl"
-echo " ${rootdir}/csr"
-echo " ${rootdir}/index.txt"
-echo " ${rootdir}/serial"
-echo
-echo "To continue, type YESIAMCRAZY and hit the enter key."
-read RUCRAZY
-
-if [[ "${RUCRAZY}" != 'YESIAMCRAZY' ]];
+if [[ -d "${rootdir}" ]];
 then
-	echo '"IAMCRAZY" *NOT* entered. Quitting.'
-	exit 1
+	echo "If you continue, I will completely DELETE (if found):"
+	echo " ${rootdir}/key"
+	echo " ${rootdir}/crt"
+	echo " ${rootdir}/crl"
+	echo " ${rootdir}/csr"
+	echo " ${rootdir}/index.txt"
+	echo " ${rootdir}/serial"
+	echo
+	echo "To continue, type YESIAMCRAZY and hit the enter key."
+	read RUCRAZY
+	
+	if [[ "${RUCRAZY}" != 'YESIAMCRAZY' ]];
+	then
+		echo '"IAMCRAZY" *NOT* entered. Quitting.'
+		exit 1
+	fi
 fi

 echo "Deleting CA hierarchy and creating clean..."
@ -136,7 +140,7 @@ echo -n "Lastly, what email address should be used for the SSL administrator? "
 read SSLADMIN
 export SSLADMIN

-sed -i -e "s/%%TEMPLATE_ORG%%/${ORGNAME}/g ; s/%%TEMPLATE_DOMAIN%%/${ORGSITE}/g ; s/%%TEMPLATE_ROOTDIR%%/${rootdir}/g ; s/%%TEMPLATE_COUNTRY%%/${ORGCNTRY}/g ; s/%%TEMPLATE_STATE%%/${ORGSTATE}/g ; s/%%TEMPLATE_CITY%%/${ORGCITY}/g ; s/%%TEMPLATE_SSLADMIN%%/${SSLADMIN}/g" ${rootdir}/openssl.cnf
+sed -i -e "s/%%TEMPLATE_ORG%%/${ORGNAME}/g ; s/%%TEMPLATE_DOMAIN%%/${ORGSITE}/g ; s@%%TEMPLATE_ROOTDIR%%@${rootdir}@g ; s/%%TEMPLATE_COUNTRY%%/${ORGCNTRY}/g ; s/%%TEMPLATE_STATE%%/${ORGSTATE}/g ; s/%%TEMPLATE_CITY%%/${ORGCITY}/g ; s/%%TEMPLATE_SSLADMIN%%/${SSLADMIN}/g" ${rootdir}/openssl.cnf

 NEWCA='yes'
 export NEWCA
--- a/new.intermediate.sh
+++ b/new.intermediate.sh
@ -22,6 +22,15 @@ then
 	read RUCRAZY2
 else
 	RUCRAZY2='YESIAMCRAZY'
+	export rootdir
+	export bindir
+	export ORGNAME
+	export ORGSITE
+	export ORGCNTRY
+	export ORGSTATE
+	export ORGCITY
+	export SSLADMIN
+	export NEWCA
 fi

 if [[ "${RUCRAZY2}" != 'YESIAMCRAZY' ]]; 
@ -146,7 +155,7 @@ then
 	export SSLADMIN
 fi

-sed -i -e "s/%%TEMPLATE_ORG%%/${ORGNAME}/g ; s/%%TEMPLATE_DOMAIN%%/${ORGSITE}/g ; s/%%TEMPLATE_ROOTDIR%%/${rootdir}/g ; s/%%TEMPLATE_COUNTRY%%/${ORGCNTRY}/g ; s/%%TEMPLATE_STATE%%/${ORGSTATE}/g ; s/%%TEMPLATE_CITY%%/${ORGCITY}/g ; s/%%TEMPLATE_SSLADMIN%%/${SSLADMIN}/g" ${rootdir}/intermediate/openssl.cnf
+sed -i -e "s/%%TEMPLATE_ORG%%/${ORGNAME}/g ; s/%%TEMPLATE_DOMAIN%%/${ORGSITE}/g ; s@%%TEMPLATE_ROOTDIR%%@${rootdir}@g ; s/%%TEMPLATE_COUNTRY%%/${ORGCNTRY}/g ; s/%%TEMPLATE_STATE%%/${ORGSTATE}/g ; s/%%TEMPLATE_CITY%%/${ORGCITY}/g ; s/%%TEMPLATE_SSLADMIN%%/${SSLADMIN}/g" ${rootdir}/intermediate/openssl.cnf

 sh ${bindir}/gen.intermediate.key.sh
 sh ${bindir}/gen.intermediate.csr.sh