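#!/bin/sh
#
# Install a signed certificate, placing a complimentary copy in the
# user's homedir.  Also grant user domtool permissions.
#
# If the certificate comes from the USER's home directory, then don't
# place an extra copy there.
#
# Run this on deleuze as an admin.
#
# Usage: ca-install user domain cert-file.pem [key-file.pem]
#
# Security notes:
#   * DOMAIN is embedded in a path that is handed to "sudo tee" through
#     ssh.  ssh joins its arguments into one string that the remote shell
#     parses again, so DOMAIN is restricted to hostname characters below.
#   * Every expansion is quoted so that paths containing whitespace or
#     glob characters cannot turn into extra arguments.
#   * The complimentary copy is written into a directory the user may
#     control, so symlinks at the destination are refused.

set -u

# Print an error on stderr and stop with status 1.
die() {
  echo "Error: $*" >&2
  exit 1
}

# Check arguments
if test "$#" -gt 4; then
  die "Too many arguments"
elif test -z "${3:-}"; then
  die "Not enough arguments"
fi

# TARGET_USER rather than USER: assigning USER would also change the
# login-name variable exported to ssh and domtool-admin.
TARGET_USER=$1
DOMAIN=$2
CERT=$3
KEY=${4:-}

# DOMAIN becomes a file name under /etc/apache2/ssl/user and part of a
# remote command line; accept only letters, digits, dot, dash, underscore.
case $DOMAIN in
  '' | *[!A-Za-z0-9._-]*)
    die "Invalid domain name $DOMAIN"
    ;;
esac

# Sanity-check some paths
if test ! -f "$CERT"; then
  die "Nonexistent or unreadable cert $CERT"
fi
if test -n "$KEY" && test ! -f "$KEY"; then
  die "Nonexistent or unreadable key $KEY"
fi

# Figure out destination for complimentary copy
APACHE_DEST=/etc/apache2/ssl/user/$DOMAIN.pem
USERHOME=$(getent passwd "$TARGET_USER" | cut -d: -f6)

# An unknown user yields an empty home directory, which would make the
# "cert is already in the homedir" check below match every path.
if test -z "$USERHOME"; then
  die "Unknown user $TARGET_USER"
fi

if test -n "$KEY"; then
  DEST=$(dirname -- "$KEY")/$DOMAIN.pem
else
  DEST=
fi

# Perform complimentary copy
if test -z "$DEST"; then
  echo "No key specified, so skipping complimentary copy"
else
  case $CERT in
    "$USERHOME"/*)
      # Literal prefix match; the home directory is not treated as a regex.
      echo "User already has a cert, skipping the complimentary copy"
      ;;
    *)
      # -L also catches a dangling symlink, which "test -f" reports as
      # absent and which cp would otherwise write through.
      if test -e "$DEST" || test -L "$DEST"; then
        echo "Not overwriting existing file $DEST"
      else
        echo "Copying signed certificate to user's home directory ..."
        # Best effort: a failed courtesy copy does not block the install.
        # chown -h changes the entry itself and never a symlink target.
        # NOTE(review): a window remains between the check above and cp.
        if ! { cp -- "$CERT" "$DEST" &&
               chown -h -- "$TARGET_USER:nogroup" "$DEST"; }; then
          echo "Warning: could not place complimentary copy at $DEST" >&2
        fi
      fi
      ;;
  esac
fi
echo

# Determine whether we need to concatenate a private key.  Besides the
# traditional RSA header, accept the EC, DSA and PKCS#8 ("PRIVATE KEY")
# PEM headers so that such a key is not appended a second time.
if grep -E -q -e '^-----BEGIN ((RSA|EC|DSA) )?PRIVATE KEY-----' -- "$CERT"; then
  KEY=
elif test -z "$KEY"; then
  die "No private key is included with this certificate"
fi

# Copy complete certificate to mire
if test -z "$KEY"; then
  echo "Installing cert to Apache SSL directory ..."
  set -- "$CERT"
else
  echo "Installing cert to Apache SSL directory, adding key ..."
  set -- "$CERT" "$KEY"
fi

# NOTE(review): tee creates the remote file with the remote umask and the
# file contains a private key -- confirm that the SSL directory on mire is
# not readable by other users.
# Stop here on failure so permissions are never granted for a cert that
# was not installed.
if ! cat -- "$@" | ssh mire.hcoop.net sudo tee "$APACHE_DEST" > /dev/null; then
  die "Could not install cert to $APACHE_DEST on mire.hcoop.net"
fi
echo

# Grant Domtool permissions
echo "Granting user Domtool permissions for the cert ..."
domtool-admin grant "$TARGET_USER" cert "$APACHE_DEST"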