2009-10-12 17:46:50 -04:00
|
|
|
#! /bin/sh
|
|
|
|
|
|
|
|
. "/home/alex/code/ca-scripts/lib/ca-functions"
|
|
|
|
|
|
|
|
usage() {
|
|
|
|
cat <<__EOT__
|
2010-03-13 09:47:57 -05:00
|
|
|
Usage: $PROGNAME [options] <common name>|<path to certificate>
|
2009-10-12 17:46:50 -04:00
|
|
|
|
|
|
|
Options:
|
|
|
|
-h, --help Print this helpful message!
|
|
|
|
-f, --config FILE Use config file instead of $CONFFILE
|
2010-03-13 09:47:57 -05:00
|
|
|
-t, --type TYPE Certificate type: "server" (default), "client" or "user"
|
2009-10-12 17:46:50 -04:00
|
|
|
-i, --template FILE Use alternative index.html template
|
|
|
|
-o, --output FILE Generate CA index.html in FILE
|
|
|
|
|
|
|
|
__EOT__
|
|
|
|
}
|
|
|
|
|
|
|
|
short='hf:t:i:o:'
|
|
|
|
long='help,config:,type:,template:,output:'
|
|
|
|
opts=$( getopt -o "$short" -l "$long" -n "$PROGNAME" -- "$@" )
|
|
|
|
if [ 0 -ne $? ]; then echo; usage; exit 1; fi
|
|
|
|
eval set -- "$opts";
|
|
|
|
|
|
|
|
while :; do
|
|
|
|
case "$1" in
|
|
|
|
-h|--help) usage; exit 0;;
|
|
|
|
-f|--config) shift; CONFFILE="$1"; shift;;
|
2010-03-13 10:00:04 -05:00
|
|
|
-t|--type) shift; USER_CA_CRT_TYPE="$1"; shift;;
|
2009-10-12 17:46:50 -04:00
|
|
|
-i|--template) shift; INDEXTPL="$1"; shift;;
|
|
|
|
-o|--output) shift; INDEXOUT="$1"; shift;;
|
|
|
|
--) shift; break;;
|
|
|
|
*) echo "Unknown value '$1'"; exit 1;;
|
|
|
|
esac
|
|
|
|
done
|
|
|
|
|
|
|
|
ca_load_conf
|
|
|
|
|
2010-03-13 10:00:04 -05:00
|
|
|
CNF_NAME=$( ca_find_cnf "$1" )
|
2009-10-12 17:46:50 -04:00
|
|
|
CRT="$CA_HOME/crt/$CNF_NAME.crt"
|
|
|
|
|
|
|
|
openssl ca -config $CA_HOME/cnf/$CA_NAME.ca.cnf \
|
|
|
|
-revoke $CRT -crl_reason superseded
|
|
|
|
|
|
|
|
ca_gen_crl
|
|
|
|
if [ -n "$INDEXOUT" ]; then
|
|
|
|
ca_checksum
|
|
|
|
ca_template $INDEXTPL $INDEXOUT
|
|
|
|
fi
|
|
|
|
|