temporary checkin

2016-02-22 03:29:17 -05:00 · 2016-02-22 03:29:17 -05:00 · c72dc5389b
commit c72dc5389b
parent b35241f7d0
6 changed files with 35 additions and 22 deletions
--- a/gen.ca.cert.sh
+++ b/gen.ca.cert.sh
@ -2,5 +2,5 @@
 set -e
 echo "Generating CA certificate..."
-openssl req -config ${rootdir}/openssl.cnf -key ${rootdir}/key/ca.key -new -x509 -days 3650 -extensions v3_ca -out ${rootdir}/crt/ca.crt > /dev/null 2>&1
+openssl req -config ${rootdir}/openssl.cnf -key ${rootdir}/key/ca.key -new -x509 -days 3650 -extensions v3_ca -subj "/CN=${ORGNAME}\(CA\)/O=${ORGNAME}/C=${ORGCNTRY}/ST=${ORGSTATE}/L=${ORGCITY}" -out ${rootdir}/crt/ca.crt > /dev/null 2>&1
 chmod 444 ${rootdir}/crt/ca.crt
--- a/gen.intermediate.csr.sh
+++ b/gen.intermediate.csr.sh
@ -2,4 +2,4 @@
 set -e
 echo "Generating intermediate CSR..."
-openssl req -config ${rootdir}/intermediate/openssl.cnf -new -sha512 -key ${rootdir}/intermediate/key/intermediate.key -out ${rootdir}/intermediate/csr/intermediate.csr > /dev/null 2>&1
+openssl req -config ${rootdir}/intermediate/openssl.cnf -new -sha512 -subj "/CN=${ORGNAME}\(intermediate\)/O=${ORGNAME}/C=${ORGCNTRY}/ST=${ORGSTATE}/L=${ORGCITY}" -key ${rootdir}/intermediate/key/intermediate.key -out ${rootdir}/intermediate/csr/intermediate.csr > /dev/null 2>&1
--- a/gen.intermediate.key.sh
+++ b/gen.intermediate.key.sh
@ -2,5 +2,5 @@
 set -e
 echo "Generating intermediate key..."
-openssl genrsa -out ${rootdir}/intermdiate/key/ca.key 4096 > /dev/null 2>&1
+openssl genrsa -out ${rootdir}/intermediate/key/intermediate.key 4096 > /dev/null 2>&1
-chmod 400 ${rootdir}/intermediate/key/ca.key
+chmod 400 ${rootdir}/intermediate/key/intermediate.key
--- a/gen.serverclient.csr.sh
+++ b/gen.serverclient.csr.sh
@ -2,4 +2,4 @@
 set -e
 echo "Generating CSR (${1})..."
-openssl req -config ${rootdir}/intermediate/openssl.cnf -new -sha512 -key ${rootdir}/key/${1}.key -out ${rootdir}/csr/${1}.csr > /dev/null 2>&1
+openssl req -config ${rootdir}/intermediate/openssl.cnf -new -sha512 -subj "/CN=${1}/O=${ORGNAME}/C=${ORGCNTRY}/ST=${ORGSTATE}/L=${ORGCITY}" -key ${rootdir}/key/${1}.key -out ${rootdir}/csr/${1}.csr > /dev/null 2>&1
--- a/new.ca.sh
+++ b/new.ca.sh
@ -1,27 +1,31 @@
 #!/bin/bash
 set -e
 set -x
-rootdir='/root/ssl/ca'
+rootdir='/tmp/ssl/ca'
 bindir="$(dirname ${0})"
 export rootdir
 export bindir
-echo "If you continue, I will completely DELETE (if found):"
+if [[ -d "${rootdir}" ]];
 echo " ${rootdir}/key"
 echo " ${rootdir}/crt"
 echo " ${rootdir}/crl"
 echo " ${rootdir}/csr"
 echo " ${rootdir}/index.txt"
 echo " ${rootdir}/serial"
 echo
 echo "To continue, type YESIAMCRAZY and hit the enter key."
 read RUCRAZY
 if [[ "${RUCRAZY}" != 'YESIAMCRAZY' ]];
 then
-	echo '"IAMCRAZY" *NOT* entered. Quitting.'
+	echo "If you continue, I will completely DELETE (if found):"
-	exit 1
+	echo " ${rootdir}/key"
 	echo " ${rootdir}/crt"
 	echo " ${rootdir}/crl"
 	echo " ${rootdir}/csr"
 	echo " ${rootdir}/index.txt"
 	echo " ${rootdir}/serial"
 	echo
 	echo "To continue, type YESIAMCRAZY and hit the enter key."
 	read RUCRAZY
 	if [[ "${RUCRAZY}" != 'YESIAMCRAZY' ]];
 	then
 		echo '"IAMCRAZY" *NOT* entered. Quitting.'
 		exit 1
 	fi
 fi
 echo "Deleting CA hierarchy and creating clean..."
@ -136,7 +140,7 @@ echo -n "Lastly, what email address should be used for the SSL administrator? "
 read SSLADMIN
 export SSLADMIN
-sed -i -e "s/%%TEMPLATE_ORG%%/${ORGNAME}/g ; s/%%TEMPLATE_DOMAIN%%/${ORGSITE}/g ; s/%%TEMPLATE_ROOTDIR%%/${rootdir}/g ; s/%%TEMPLATE_COUNTRY%%/${ORGCNTRY}/g ; s/%%TEMPLATE_STATE%%/${ORGSTATE}/g ; s/%%TEMPLATE_CITY%%/${ORGCITY}/g ; s/%%TEMPLATE_SSLADMIN%%/${SSLADMIN}/g" ${rootdir}/openssl.cnf
+sed -i -e "s/%%TEMPLATE_ORG%%/${ORGNAME}/g ; s/%%TEMPLATE_DOMAIN%%/${ORGSITE}/g ; s@%%TEMPLATE_ROOTDIR%%@${rootdir}@g ; s/%%TEMPLATE_COUNTRY%%/${ORGCNTRY}/g ; s/%%TEMPLATE_STATE%%/${ORGSTATE}/g ; s/%%TEMPLATE_CITY%%/${ORGCITY}/g ; s/%%TEMPLATE_SSLADMIN%%/${SSLADMIN}/g" ${rootdir}/openssl.cnf
 NEWCA='yes'
 export NEWCA
--- a/new.intermediate.sh
+++ b/new.intermediate.sh
@ -22,6 +22,15 @@ then
 	read RUCRAZY2
 else
 	RUCRAZY2='YESIAMCRAZY'
 	export rootdir
 	export bindir
 	export ORGNAME
 	export ORGSITE
 	export ORGCNTRY
 	export ORGSTATE
 	export ORGCITY
 	export SSLADMIN
 	export NEWCA
 fi
 if [[ "${RUCRAZY2}" != 'YESIAMCRAZY' ]]; 
@ -146,7 +155,7 @@ then
 	export SSLADMIN
 fi
-sed -i -e "s/%%TEMPLATE_ORG%%/${ORGNAME}/g ; s/%%TEMPLATE_DOMAIN%%/${ORGSITE}/g ; s/%%TEMPLATE_ROOTDIR%%/${rootdir}/g ; s/%%TEMPLATE_COUNTRY%%/${ORGCNTRY}/g ; s/%%TEMPLATE_STATE%%/${ORGSTATE}/g ; s/%%TEMPLATE_CITY%%/${ORGCITY}/g ; s/%%TEMPLATE_SSLADMIN%%/${SSLADMIN}/g" ${rootdir}/intermediate/openssl.cnf
+sed -i -e "s/%%TEMPLATE_ORG%%/${ORGNAME}/g ; s/%%TEMPLATE_DOMAIN%%/${ORGSITE}/g ; s@%%TEMPLATE_ROOTDIR%%@${rootdir}@g ; s/%%TEMPLATE_COUNTRY%%/${ORGCNTRY}/g ; s/%%TEMPLATE_STATE%%/${ORGSTATE}/g ; s/%%TEMPLATE_CITY%%/${ORGCITY}/g ; s/%%TEMPLATE_SSLADMIN%%/${SSLADMIN}/g" ${rootdir}/intermediate/openssl.cnf
 sh ${bindir}/gen.intermediate.key.sh
 sh ${bindir}/gen.intermediate.csr.sh