scripts/domtool-addcert-daemon

   1 #!/bin/sh -e
   2
   3   KEYDIR=/afs/hcoop.net/common/etc/domtool/keys/$1
   4  KEYFILE=$KEYDIR/key.pem
   5 CERTFILE=/afs/hcoop.net/common/etc/domtool/certs/$1.pem
   6   NEWREQ=~/.newreq.pem
   7      NEW=~/.new.pem
   8    KEYIN=~/.keyin
   9
  10 mkdir $KEYDIR || echo Already exists
  11 openssl genrsa -out $KEYFILE
  12 chown -R domtool.domtool $KEYDIR
  13 echo "." >$KEYIN
  14 echo "." >>$KEYIN
  15 echo "." >>$KEYIN
  16 echo "." >>$KEYIN
  17 echo "." >>$KEYIN
  18 echo "$1" >>$KEYIN
  19 echo "$1@hcoop.net" >>$KEYIN
  20 echo "" >>$KEYIN
  21 echo "" >>$KEYIN
  22 openssl req -new -key $KEYFILE -out $NEWREQ -days 365 <$KEYIN
  23 rm $KEYIN
  24 cat $NEWREQ $KEYFILE >$NEW
  25 rm $NEWREQ
  26 openssl ca -batch -config /etc/domtool/openssl.cnf -policy policy_anything -out $CERTFILE -infiles $NEW
  27 rm $NEW
  28 chown domtool.domtool $CERTFILE