| Line 1... |
Line 1... |
| 1 |
#!/bin/sh
|
1 |
#!/bin/sh
|
| 2 |
# $Id: alcasar-CA.sh 2554 2018-05-20 11:02:46Z lucas.echard $
|
2 |
# $Id: alcasar-CA.sh 2703 2019-03-05 21:59:02Z tom.houdayer $
|
| 3 |
|
3 |
|
| 4 |
# alcasar-CA.sh
|
4 |
# alcasar-CA.sh
|
| 5 |
# by Franck BOUIJOUX, Pascal LEVANT and Richard REY
|
5 |
# by Franck BOUIJOUX, Pascal LEVANT and Richard REY
|
| 6 |
# This script is distributed under the Gnu General Public License (GPL)
|
6 |
# This script is distributed under the Gnu General Public License (GPL)
|
| 7 |
#
|
7 |
#
|
| Line 216... |
Line 216... |
| 216 |
# Sign the server certificate "request" to create server certificate
|
216 |
# Sign the server certificate "request" to create server certificate
|
| 217 |
rm -f $SRVCERT
|
217 |
rm -f $SRVCERT
|
| 218 |
echo "*********SRVCERT*********" >> $DIR_TMP/openssl-log
|
218 |
echo "*********SRVCERT*********" >> $DIR_TMP/openssl-log
|
| 219 |
openssl ca -config $DIR_TMP/ssl.conf -name AlcasarCA -batch -days $SRVCERT_LIFETIME -in $SRVREQ -out $SRVCERT 2>> $DIR_TMP/openssl-log
|
219 |
openssl ca -config $DIR_TMP/ssl.conf -name AlcasarCA -batch -days $SRVCERT_LIFETIME -in $SRVREQ -out $SRVCERT 2>> $DIR_TMP/openssl-log
|
| 220 |
rm -f $SRVREQ
|
220 |
rm -f $SRVREQ
|
| 221 |
cp -f $SRVCERT $SRVCHAIN # in order to simplify the official intranet certificate import process
|
- |
|
| 222 |
|
221 |
|
| 223 |
(cat $SRVKEY; echo; cat $SRVCERT) > $SRVPEM
|
222 |
(cat $SRVKEY; echo; cat $SRVCERT) > $SRVPEM
|
| - |
|
223 |
cp -f $CACERT $SRVCHAIN
|
| 224 |
|
224 |
|
| 225 |
chmod a+r $CACERT $SRVCERT $SRVCHAIN
|
225 |
chmod a+r $CACERT $SRVCERT $SRVCHAIN
|
| 226 |
|
226 |
|
| 227 |
# Link certs in ALCASAR Control Center
|
227 |
# Link certs in ALCASAR Control Center
|
| 228 |
if [ -s "$CACERT" -a -s "$CAKEY" -a -s "$SRVCERT" -a -s "$SRVKEY" ];
|
228 |
if [ -s "$CACERT" -a -s "$CAKEY" -a -s "$SRVCERT" -a -s "$SRVKEY" ];
|