a82d7967 |
1 | #!/bin/sh -e |
2 | |
3 | KEYDIR=/afs/hcoop.net/common/etc/domtool/keys/$1 |
4 | KEYFILE=$KEYDIR/key.pem |
5 | CERTFILE=/afs/hcoop.net/common/etc/domtool/certs/$1.pem |
6 | NEWREQ=~/.newreq.pem |
7 | NEW=~/.new.pem |
8 | KEYIN=~/.keyin |
9 | |
593d6ab2 |
10 | mkdir -p $KEYDIR |
a82d7967 |
11 | openssl genrsa -out $KEYFILE |
12 | chown -R domtool.domtool $KEYDIR |
13 | fs sa $KEYDIR $1 read |
14 | echo "." >$KEYIN |
15 | echo "." >>$KEYIN |
16 | echo "." >>$KEYIN |
17 | echo "." >>$KEYIN |
18 | echo "." >>$KEYIN |
19 | echo "$1" >>$KEYIN |
20 | echo "$1@hcoop.net" >>$KEYIN |
21 | echo "" >>$KEYIN |
22 | echo "" >>$KEYIN |
23 | openssl req -new -key $KEYFILE -out $NEWREQ -days 365 <$KEYIN |
24 | rm $KEYIN |
25 | cat $NEWREQ $KEYFILE >$NEW |
26 | rm $NEWREQ |
27 | openssl ca -batch -config /etc/domtool/openssl.cnf -policy policy_anything -out $CERTFILE -infiles $NEW |
28 | rm $NEW |
29 | chown domtool.domtool $CERTFILE |