Blame SPECS/renew-dummy-cert
|
Packit |
c4476c |
#!/bin/bash
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
if [ $# -eq 0 ]; then
|
|
Packit |
c4476c |
echo $"Usage: `basename $0` filename" 1>&2
|
|
Packit |
c4476c |
exit 1
|
|
Packit |
c4476c |
fi
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
PEM=$1
|
|
Packit |
c4476c |
REQ=`/bin/mktemp /tmp/openssl.XXXXXX`
|
|
Packit |
c4476c |
KEY=`/bin/mktemp /tmp/openssl.XXXXXX`
|
|
Packit |
c4476c |
CRT=`/bin/mktemp /tmp/openssl.XXXXXX`
|
|
Packit |
c4476c |
NEW=${PEM}_
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
trap "rm -f $REQ $KEY $CRT $NEW" SIGINT
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
if [ ! -f $PEM ]; then
|
|
Packit |
c4476c |
echo "$PEM: file not found" 1>&2
|
|
Packit |
c4476c |
exit 1
|
|
Packit |
c4476c |
fi
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
umask 077
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
OWNER=`ls -l $PEM | awk '{ printf "%s.%s", $3, $4; }'`
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
openssl rsa -inform pem -in $PEM -out $KEY
|
|
Packit |
c4476c |
openssl x509 -x509toreq -in $PEM -signkey $KEY -out $REQ
|
|
Packit |
c4476c |
openssl x509 -req -in $REQ -signkey $KEY -days 365 \
|
|
Packit |
c4476c |
-extfile /etc/pki/tls/openssl.cnf -extensions v3_ca -out $CRT
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
(cat $KEY ; echo "" ; cat $CRT) > $NEW
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
chown $OWNER $NEW
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
mv -f $NEW $PEM
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
rm -f $REQ $KEY $CRT
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
exit 0
|
|
Packit |
c4476c |
|