WebSVN – ALCASAR – Diff – /scripts/alcasar-CA.sh



#!/bin/sh
# $Id: alcasar-CA.sh 3238 2024-12-02 22:38:59Z rexy $
 
# alcasar-CA.sh
# by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
# This script is distributed under the Gnu General Public License (GPL)
#

SRVPEM=$DIR_CERT/private/alcasar.pem
SRVCHAIN=$DIR_CERT/certs/server-chain.pem
CONF_FILE="/usr/local/etc/alcasar.conf"
hostname=`grep ^HOSTNAME= $CONF_FILE|cut -d"=" -f2`
domain=`grep ^DOMAIN= $CONF_FILE|cut -d"=" -f2`
domain=${domain:=lan}
fqdn_hostname="$hostname.$domain"
# The value for organizationalUnitName must be 64 chars or less;
#   thus, hostname must be 36 chars or less. If it's too big,
#   try removing domain (merci REXY ;-) ).
hostname_len=`echo $fqdn_hostname| wc -c`

mkdir $DIR_TMP || exit 1
[ -d $DIR_PKI/CA/private ] || mkdir -p $DIR_PKI/CA/private ; chown -R root:root $DIR_PKI/CA ; chmod -R 750 $DIR_PKI/CA
# dynamic conf file for openssl
cat <<EOF >$DIR_TMP/ssl.conf
RANDFILE		= $HOME/.rnd
 
[ca]
default_ca = AlcasarCA
 
[AlcasarCA]
dir		= $DIR_TMP		# Where everything is kept

Rev 3201	Rev 3238
Line 1...	Line 1...
1	`#!/bin/sh`	1	`#!/bin/sh`
2	`# $Id: alcasar-CA.sh 3201 2024-05-28 17:21:34Z rexy $`	2	`# $Id: alcasar-CA.sh 3238 2024-12-02 22:38:59Z rexy $`
3		3
4	`# alcasar-CA.sh`	4	`# alcasar-CA.sh`
5	`# by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)`	5	`# by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)`
6	`# This script is distributed under the Gnu General Public License (GPL)`	6	`# This script is distributed under the Gnu General Public License (GPL)`
7	`#`	7	`#`
Line 20...	Line 20...
20	`SRVPEM=$DIR_CERT/private/alcasar.pem`	20	`SRVPEM=$DIR_CERT/private/alcasar.pem`
21	`SRVCHAIN=$DIR_CERT/certs/server-chain.pem`	21	`SRVCHAIN=$DIR_CERT/certs/server-chain.pem`
22	`CONF_FILE="/usr/local/etc/alcasar.conf"`	22	`CONF_FILE="/usr/local/etc/alcasar.conf"`
23	hostname=`grep ^HOSTNAME= $CONF_FILE\|cut -d"=" -f2`	23	hostname=`grep ^HOSTNAME= $CONF_FILE\|cut -d"=" -f2`
24	domain=`grep ^DOMAIN= $CONF_FILE\|cut -d"=" -f2`	24	domain=`grep ^DOMAIN= $CONF_FILE\|cut -d"=" -f2`
25	`domain=${domain:=localdomain}`	25	`domain=${domain:=lan}`
26	`fqdn_hostname="$hostname.$domain"`	26	`fqdn_hostname="$hostname.$domain"`
27	`# The value for organizationalUnitName must be 64 chars or less;`	27	`# The value for organizationalUnitName must be 64 chars or less;`
28	`# thus, hostname must be 36 chars or less. If it's too big,`	28	`# thus, hostname must be 36 chars or less. If it's too big,`
29	`# try removing domain (merci REXY ;-) ).`	29	`# try removing domain (merci REXY ;-) ).`
30	hostname_len=`echo $fqdn_hostname\| wc -c`	30	hostname_len=`echo $fqdn_hostname\| wc -c`
Line 44...	Line 44...
44	`mkdir $DIR_TMP \|\| exit 1`	44	`mkdir $DIR_TMP \|\| exit 1`
45	`[ -d $DIR_PKI/CA/private ] \|\| mkdir -p $DIR_PKI/CA/private ; chown -R root:root $DIR_PKI/CA ; chmod -R 750 $DIR_PKI/CA`	45	`[ -d $DIR_PKI/CA/private ] \|\| mkdir -p $DIR_PKI/CA/private ; chown -R root:root $DIR_PKI/CA ; chmod -R 750 $DIR_PKI/CA`
46	`# dynamic conf file for openssl`	46	`# dynamic conf file for openssl`
47	`cat <<EOF >$DIR_TMP/ssl.conf`	47	`cat <<EOF >$DIR_TMP/ssl.conf`
48	`RANDFILE = $HOME/.rnd`	48	`RANDFILE = $HOME/.rnd`
49	`#`	49
50	`[ca]`	50	`[ca]`
51	`default_ca = AlcasarCA`	51	`default_ca = AlcasarCA`
52		52
53	`[AlcasarCA]`	53	`[AlcasarCA]`
54	`dir = $DIR_TMP # Where everything is kept`	54	`dir = $DIR_TMP # Where everything is kept`

Subversion Repositories ALCASAR

(root)/scripts/alcasar-CA.sh – Rev 3201 → 3238