From 85b60e0af46198094087708571489024421bd580 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Fri, 19 Jun 2015 22:54:32 +0100 Subject: [PATCH] Reluctantly accept params --- src/freedombone-addcert | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/src/freedombone-addcert b/src/freedombone-addcert index 7c230503..ebc00385 100755 --- a/src/freedombone-addcert +++ b/src/freedombone-addcert @@ -40,7 +40,7 @@ NODH= function show_help { echo '' echo 'freedombone-addcert -h [hostname] -c [country code] -a [area] -l [location]' - echo ' -o [organisation] -u [unit]' + echo ' -o [organisation] -u [unit] --ca "" --nodh ""' echo '' echo 'Creates a self-signed certificate for the given hostname' echo '' @@ -51,8 +51,8 @@ function show_help { echo ' -l --location [locn] Optional location name' echo ' -o --organisation [name] Optional organisation name' echo ' -u --unit [name] Optional unit name' - echo ' --nodh Do not calculate DH params' - echo ' --ca Certificate authority cert' + echo ' --nodh "" Do not calculate DH params' + echo ' --ca "" Certificate authority cert' echo '' exit 0 } @@ -90,10 +90,12 @@ case $key in UNIT="$1" ;; --ca) + shift EXTENSIONS="-extensions v3_ca" ORGANISATION="Freedombone-CA" ;; --nodh) + shift NODH="true" ;; *) @@ -115,13 +117,13 @@ fi CERTFILE=$HOSTNAME if [[ $ORGANISATION == "Freedombone-CA" ]]; then - CERTFILE="ca-$HOSTNAME" + CERTFILE="ca-$HOSTNAME" fi openssl req -x509 $EXTENSIONS -nodes -days 3650 -sha256 \ - -subj "/O=$ORGANISATION/OU=$UNIT/C=$COUNTRY_CODE/ST=$AREA/L=$LOCATION/CN=$HOSTNAME" \ - -newkey rsa:4096 -keyout /etc/ssl/private/$CERTFILE.key \ - -out /etc/ssl/certs/$CERTFILE.crt + -subj "/O=$ORGANISATION/OU=$UNIT/C=$COUNTRY_CODE/ST=$AREA/L=$LOCATION/CN=$HOSTNAME" \ + -newkey rsa:4096 -keyout /etc/ssl/private/$CERTFILE.key \ + -out /etc/ssl/certs/$CERTFILE.crt if [ ! $NODH ]; then openssl dhparam -check -text -5 1024 -out /etc/ssl/certs/$CERTFILE.dhparam fi