Commit | Line | Data |
---|---|---|
385c3534 AC |
1 | #!/bin/sh -e |
2 | ||
3 | KEYDIR=/afs/hcoop.net/common/etc/domtool/keys/$1 | |
4 | KEYFILE=$KEYDIR/key.pem | |
5 | CERTFILE=/afs/hcoop.net/common/etc/domtool/certs/$1.pem | |
6 | NEWREQ=~/.newreq.pem | |
7 | NEW=~/.new.pem | |
8 | KEYIN=~/.keyin | |
9 | ||
10 | mkdir $KEYDIR || echo Already exists | |
11 | openssl genrsa -out $KEYFILE | |
12 | chown -R domtool.domtool $KEYDIR | |
13 | fs sa $KEYDIR $1 read | |
14 | echo "." >$KEYIN | |
15 | echo "." >>$KEYIN | |
16 | echo "." >>$KEYIN | |
17 | echo "." >>$KEYIN | |
18 | echo "." >>$KEYIN | |
19 | echo "$1" >>$KEYIN | |
20 | echo "$1@hcoop.net" >>$KEYIN | |
21 | echo "" >>$KEYIN | |
22 | echo "" >>$KEYIN | |
23 | openssl req -new -key $KEYFILE -out $NEWREQ -days 365 <$KEYIN | |
24 | rm $KEYIN | |
25 | cat $NEWREQ $KEYFILE >$NEW | |
26 | rm $NEWREQ | |
27 | openssl ca -batch -config /etc/domtool/openssl.cnf -policy policy_anything -out $CERTFILE -infiles $NEW | |
28 | rm $NEW | |
29 | chown domtool.domtool $CERTFILE |