Reluctantly accept params

Bob Mottram 2015-06-19 22:54:32 +01:00
parent 1fa089709e
commit 85b60e0af4
1 changed files with 9 additions and 7 deletions


@ -40,7 +40,7 @@ NODH=
function show_help { function show_help {
echo '' echo ''
echo 'freedombone-addcert -h [hostname] -c [country code] -a [area] -l [location]' echo 'freedombone-addcert -h [hostname] -c [country code] -a [area] -l [location]'
echo ' -o [organisation] -u [unit]' echo ' -o [organisation] -u [unit] --ca "" --nodh ""'
echo '' echo ''
echo 'Creates a self-signed certificate for the given hostname' echo 'Creates a self-signed certificate for the given hostname'
echo '' echo ''
@ -51,8 +51,8 @@ function show_help {
echo ' -l --location [locn] Optional location name' echo ' -l --location [locn] Optional location name'
echo ' -o --organisation [name] Optional organisation name' echo ' -o --organisation [name] Optional organisation name'
echo ' -u --unit [name] Optional unit name' echo ' -u --unit [name] Optional unit name'
echo ' --nodh Do not calculate DH params' echo ' --nodh "" Do not calculate DH params'
echo ' --ca Certificate authority cert' echo ' --ca "" Certificate authority cert'
echo '' echo ''
exit 0 exit 0
} }
@ -90,10 +90,12 @@ case $key in
UNIT="$1" UNIT="$1"
;; ;;
--ca) --ca)
shift
EXTENSIONS="-extensions v3_ca" EXTENSIONS="-extensions v3_ca"
ORGANISATION="Freedombone-CA" ORGANISATION="Freedombone-CA"
;; ;;
--nodh) --nodh)
shift
NODH="true" NODH="true"
;; ;;
*) *)
@ -115,13 +117,13 @@ fi
CERTFILE=$HOSTNAME CERTFILE=$HOSTNAME
if [[ $ORGANISATION == "Freedombone-CA" ]]; then if [[ $ORGANISATION == "Freedombone-CA" ]]; then
CERTFILE="ca-$HOSTNAME" CERTFILE="ca-$HOSTNAME"
fi fi
openssl req -x509 $EXTENSIONS -nodes -days 3650 -sha256 \ openssl req -x509 $EXTENSIONS -nodes -days 3650 -sha256 \
-subj "/O=$ORGANISATION/OU=$UNIT/C=$COUNTRY_CODE/ST=$AREA/L=$LOCATION/CN=$HOSTNAME" \ -subj "/O=$ORGANISATION/OU=$UNIT/C=$COUNTRY_CODE/ST=$AREA/L=$LOCATION/CN=$HOSTNAME" \
-newkey rsa:4096 -keyout /etc/ssl/private/$CERTFILE.key \ -newkey rsa:4096 -keyout /etc/ssl/private/$CERTFILE.key \
-out /etc/ssl/certs/$CERTFILE.crt -out /etc/ssl/certs/$CERTFILE.crt
if [ ! $NODH ]; then if [ ! $NODH ]; then
openssl dhparam -check -text -5 1024 -out /etc/ssl/certs/$CERTFILE.dhparam openssl dhparam -check -text -5 1024 -out /etc/ssl/certs/$CERTFILE.dhparam
fi fi
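Review bot: The `shift` added under `--ca)` and `--nodh)` discards whatever word follows the flag without checking that it is the empty placeholder the help text now shows, so a caller who omits the `""` silently loses the next option. For a certificate tool that can mean a cert written with a default or unintended subject, with no error reported. The parsing loop starts and ends outside the visible hunks, so this is inferred from the `UNIT="$1"` arm: assuming `$1` holds the consumed word after the shift, a guard such as `if [ -n "$1" ]; then echo "--nodh expects an empty argument" >&2; exit 1; fi` would fail loudly instead. Separately, the last hunk appears to be re-indentation only, but the lines it touches still generate 1024-bit DH parameters (`openssl dhparam ... -5 1024`), where 2048 bits or more is the usual floor. They also expand `$CERTFILE` and `$NODH` unquoted, so `"/etc/ssl/private/$CERTFILE.key"` and `[ -z "$NODH" ]` would be the safer forms.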