scripts/domtool-addcert-daemon

   1 #!/bin/sh -e
   2
   3 USER="$1"
   4 if test -z "$USER"; then
   5         echo Usage: domtool-addcert USERNAME
   6         exit 1
   7 fi
   8
   9   KEYDIR=/afs/hcoop.net/common/etc/domtool/keys/$USER
  10  KEYFILE=$KEYDIR/key.pem
  11 CERTFILE=/afs/hcoop.net/common/etc/domtool/certs/$USER.pem
  12   NEWREQ=~/.newreq.pem
  13      NEW=~/.new.pem
  14    KEYIN=~/.keyin
  15
  16 mkdir $KEYDIR || echo Already exists
  17 openssl genrsa -out $KEYFILE
  18 chown -R domtool.domtool $KEYDIR
  19 echo "." >$KEYIN
  20 echo "." >>$KEYIN
  21 echo "." >>$KEYIN
  22 echo "." >>$KEYIN
  23 echo "." >>$KEYIN
  24 echo "$USER" >>$KEYIN
  25 echo "$USER@hcoop.net" >>$KEYIN
  26 echo "" >>$KEYIN
  27 echo "" >>$KEYIN
  28 openssl req -new -key $KEYFILE -out $NEWREQ -days 365 <$KEYIN
  29 rm $KEYIN
  30 cat $NEWREQ $KEYFILE >$NEW
  31 rm $NEWREQ
  32 openssl ca -batch -config /etc/domtool/openssl.cnf -policy policy_anything -out $CERTFILE -infiles $NEW
  33 rm $NEW
  34 chown domtool.domtool $CERTFILE