[hcoop/domtool2.git] / scripts / domtool-addcert-daemon

#!/bin/sh -e

USER="$1"
if test -z "$USER"; then
        echo Usage: domtool-addcert USERNAME
        exit 1
fi

  KEYDIR=/afs/hcoop.net/common/etc/domtool/keys/$USER
 KEYFILE=$KEYDIR/key.pem
CERTFILE=/afs/hcoop.net/common/etc/domtool/certs/$USER.pem
  NEWREQ=~/.newreq.pem
     NEW=~/.new.pem
   KEYIN=~/.keyin

mkdir $KEYDIR || echo Already exists
openssl genrsa -out $KEYFILE
chown -R domtool.domtool $KEYDIR
echo "." >$KEYIN
echo "." >>$KEYIN
echo "." >>$KEYIN
echo "." >>$KEYIN
echo "." >>$KEYIN
echo "$USER" >>$KEYIN
echo "$USER@hcoop.net" >>$KEYIN
echo "" >>$KEYIN
echo "" >>$KEYIN
openssl req -new -key $KEYFILE -out $NEWREQ -days 365 <$KEYIN
rm $KEYIN
cat $NEWREQ $KEYFILE >$NEW
rm $NEWREQ
openssl ca -batch -config /etc/domtool/openssl.cnf -policy policy_anything -out $CERTFILE -infiles $NEW
rm $NEW
chown domtool.domtool $CERTFILE
Commit	Line	Data
25c93232 AC	1	#!/bin/sh -e
25c93232 AC	2
906a79a6 DO	3	USER="$1"
	4	if test -z "$USER"; then
	5	echo Usage: domtool-addcert USERNAME
	6	exit 1
	7	fi
	8
	9	KEYDIR=/afs/hcoop.net/common/etc/domtool/keys/$USER
25c93232	10	KEYFILE=$KEYDIR/key.pem
906a79a6	11	CERTFILE=/afs/hcoop.net/common/etc/domtool/certs/$USER.pem
25c93232 AC	12	NEWREQ=~/.newreq.pem
	13	NEW=~/.new.pem
	14	KEYIN=~/.keyin
	15
	16	mkdir $KEYDIR \|\| echo Already exists
	17	openssl genrsa -out $KEYFILE
	18	chown -R domtool.domtool $KEYDIR
	19	echo "." >$KEYIN
	20	echo "." >>$KEYIN
	21	echo "." >>$KEYIN
	22	echo "." >>$KEYIN
	23	echo "." >>$KEYIN
906a79a6 DO	24	echo "$USER" >>$KEYIN
906a79a6 DO	25	echo "$USER@hcoop.net" >>$KEYIN
25c93232 AC	26	echo "" >>$KEYIN
	27	echo "" >>$KEYIN
	28	openssl req -new -key $KEYFILE -out $NEWREQ -days 365 <$KEYIN
	29	rm $KEYIN
	30	cat $NEWREQ $KEYFILE >$NEW
	31	rm $NEWREQ
	32	openssl ca -batch -config /etc/domtool/openssl.cnf -policy policy_anything -out $CERTFILE -infiles $NEW
	33	rm $NEW
	34	chown domtool.domtool $CERTFILE