WebSVN – ALCASAR – Diff – /scripts/alcasar-CA.sh



#!/bin/sh
# $Id: alcasar-CA.sh 2488 2018-02-25 14:53:54Z lucas.echard $
 
# alcasar-CA.sh
# by Franck BOUIJOUX, Pascal LEVANT and Richard REY
# This script is distributed under the Gnu General Public License (GPL)
#

CACERT=$DIR_PKI/CA/alcasar-ca.crt
CAKEY=$DIR_PKI/CA/private/alcasar-ca.key
SRVREQ=$DIR_CERT/alcasar.req
SRVKEY=$DIR_CERT/private/alcasar.key
SRVCERT=$DIR_CERT/certs/alcasar.crt
SRVPEM=$DIR_CERT/private/alcasar.pem
SRVCHAIN=$DIR_CERT/certs/server-chain.crt
 
CACERT_LIFETIME="1460"
SRVCERT_LIFETIME="1460"
COUNTRY="FR"

rm -f $SRVCERT
echo "*********SRVCERT*********" >> $DIR_TMP/openssl-log
openssl ca -config $DIR_TMP/ssl.conf -name AlcasarCA -batch -days $SRVCERT_LIFETIME -in $SRVREQ -out $SRVCERT 2>> $DIR_TMP/openssl-log
rm -f $SRVREQ
cp -f $SRVCERT $SRVCHAIN  # in order to simplify the official intranet certificate import process
cat $SRVKEY $SRVCERT > $SRVPEM
chmod a+r $CACERT $SRVCERT $SRVCHAIN
 
# Link certs in ALCASAR Control Center
if [ -s "$CACERT" -a -s "$CAKEY" -a -s "$SRVCERT" -a -s "$SRVKEY" ];
	then

Rev 2454	Rev 2488
Line 1...	Line 1...
1	`#!/bin/sh`	1	`#!/bin/sh`
2	`# $Id: alcasar-CA.sh 2454 2017-12-09 18:59:31Z tom.houdayer $`	2	`# $Id: alcasar-CA.sh 2488 2018-02-25 14:53:54Z lucas.echard $`
3		3
4	`# alcasar-CA.sh`	4	`# alcasar-CA.sh`
5	`# by Franck BOUIJOUX, Pascal LEVANT and Richard REY`	5	`# by Franck BOUIJOUX, Pascal LEVANT and Richard REY`
6	`# This script is distributed under the Gnu General Public License (GPL)`	6	`# This script is distributed under the Gnu General Public License (GPL)`
7	`#`	7	`#`
Line 15...	Line 15...
15	`CACERT=$DIR_PKI/CA/alcasar-ca.crt`	15	`CACERT=$DIR_PKI/CA/alcasar-ca.crt`
16	`CAKEY=$DIR_PKI/CA/private/alcasar-ca.key`	16	`CAKEY=$DIR_PKI/CA/private/alcasar-ca.key`
17	`SRVREQ=$DIR_CERT/alcasar.req`	17	`SRVREQ=$DIR_CERT/alcasar.req`
18	`SRVKEY=$DIR_CERT/private/alcasar.key`	18	`SRVKEY=$DIR_CERT/private/alcasar.key`
19	`SRVCERT=$DIR_CERT/certs/alcasar.crt`	19	`SRVCERT=$DIR_CERT/certs/alcasar.crt`
-		20	`SRVPEM=$DIR_CERT/private/alcasar.pem`
20	`SRVCHAIN=$DIR_CERT/certs/server-chain.crt`	21	`SRVCHAIN=$DIR_CERT/certs/server-chain.crt`
21		22
22	`CACERT_LIFETIME="1460"`	23	`CACERT_LIFETIME="1460"`
23	`SRVCERT_LIFETIME="1460"`	24	`SRVCERT_LIFETIME="1460"`
24	`COUNTRY="FR"`	25	`COUNTRY="FR"`
Line 216...	Line 217...
216	`rm -f $SRVCERT`	217	`rm -f $SRVCERT`
217	`echo "*******SRVCERT*******" >> $DIR_TMP/openssl-log`	218	`echo "*******SRVCERT*******" >> $DIR_TMP/openssl-log`
218	`openssl ca -config $DIR_TMP/ssl.conf -name AlcasarCA -batch -days $SRVCERT_LIFETIME -in $SRVREQ -out $SRVCERT 2>> $DIR_TMP/openssl-log`	219	`openssl ca -config $DIR_TMP/ssl.conf -name AlcasarCA -batch -days $SRVCERT_LIFETIME -in $SRVREQ -out $SRVCERT 2>> $DIR_TMP/openssl-log`
219	`rm -f $SRVREQ`	220	`rm -f $SRVREQ`
220	`cp -f $SRVCERT $SRVCHAIN # in order to simplify the official intranet certificate import process`	221	`cp -f $SRVCERT $SRVCHAIN # in order to simplify the official intranet certificate import process`
-		222	`cat $SRVKEY $SRVCERT > $SRVPEM`
221	`chmod a+r $CACERT $SRVCERT $SRVCHAIN`	223	`chmod a+r $CACERT $SRVCERT $SRVCHAIN`
222		224
223	`# Link certs in ALCASAR Control Center`	225	`# Link certs in ALCASAR Control Center`
224	`if [ -s "$CACERT" -a -s "$CAKEY" -a -s "$SRVCERT" -a -s "$SRVKEY" ];`	226	`if [ -s "$CACERT" -a -s "$CAKEY" -a -s "$SRVCERT" -a -s "$SRVKEY" ];`
225	`then`	227	`then`

Subversion Repositories ALCASAR

(root)/scripts/alcasar-CA.sh – Rev 2454 → 2488