diff options
| author | Erich Eckner <git@eckner.net> | 2019-09-02 11:58:43 +0200 |
|---|---|---|
| committer | Erich Eckner <git@eckner.net> | 2019-09-02 12:03:10 +0200 |
| commit | 582e673f51940f03d4e82f7e833d6c0ca104c6b1 (patch) | |
| tree | 82e830b9d50851cf184cf7adfd4d0c91511459ee | |
| parent | 01335375ec4b1d8d9b5c2f8af7b560bca09796ce (diff) | |
| download | simple-pki-582e673f51940f03d4e82f7e833d6c0ca104c6b1.tar.xz | |
do not create missing stuff in sign-ca, but install it in install-ca
| -rw-r--r-- | Makefile | 10 | ||||
| -rwxr-xr-x | sign-ca.in | 11 |
2 files changed, 10 insertions, 11 deletions
@@ -45,6 +45,16 @@ install-ca: install -D -m0755 -t $(DESTDIR)$(BINDIR) sign-ca sign-request install -D -m0644 -t $(DESTDIR)$(ETCDIR)/simple-pki etc/ca.conf etc/ca-ssl.conf install -D -m0644 -t $(DESTDIR)$(LIBDIR)/systemd/system sign-ca.service sign-ca.timer + install -d -m0755 $(DESTDIR)$(ETCDIR)/simple-pki/ca/root-ca/db $(DESTDIR)$(ETCDIR)/simple-pki/ca/signing-ca/db $(DESTDIR)$(ETCDIR)/simple-pki/crl $(DESTDIR)$(ETCDIR)/simple-pki/certs + install -d -m0700 $(DESTDIR)$(ETCDIR)/simple-pki/ca/root-ca/private $(DESTDIR)$(ETCDIR)/simple-pki/ca/signing-ca/private + install -m 644 -t $(DESTDIR)$(ETCDIR)/simple-pki/ca/root-ca/db/root-ca.db /dev/null + install -m 644 -t $(DESTDIR)$(ETCDIR)/simple-pki/ca/signing-ca/db/signing-ca.db /dev/null + install -m 644 -t $(DESTDIR)$(ETCDIR)/simple-pki/ca/root-ca/db/root-ca.db.attr /dev/null + install -m 644 -t $(DESTDIR)$(ETCDIR)/simple-pki/ca/signing-ca/db/signing-ca.db.attr /dev/null + echo 01 | install -m 644 -t $(DESTDIR)$(ETCDIR)/simple-pki/ca/root-ca/db/root-ca.crt.srl /dev/stdin + echo 01 | install -m 644 -t $(DESTDIR)$(ETCDIR)/simple-pki/ca/signing-ca/db/signing-ca.crt.srl /dev/stdin + echo 01 | install -m 644 -t $(DESTDIR)$(ETCDIR)/simple-pki/ca/root-ca/db/root-ca.crl.srl /dev/stdin + echo 01 | install -m 644 -t $(DESTDIR)$(ETCDIR)/simple-pki/ca/signing-ca/db/signing-ca.crl.srl /dev/stdin install-cb: install -D -m0755 -t $(DESTDIR)$(BINDIR) rotate-keys @@ -13,17 +13,6 @@ if [ -n "${ca_user}" ] \ exec su "${ca_user}" -c "$0" fi -for ca in root signing; do - mkdir -p '#ETCDIR#/simple-pki/ca/'"${ca}"'-ca/private' '#ETCDIR#/simple-pki/ca/'"${ca}"'-ca/db' '#ETCDIR#/simple-pki/crl' '#ETCDIR#/simple-pki/certs' - chmod 700 '#ETCDIR#/simple-pki/ca/'"${ca}"'-ca/private' - if [ ! -f '#ETCDIR#/simple-pki/ca/'"${ca}"'-ca/db/'"${ca}"'-ca.db' ]; then - cp /dev/null '#ETCDIR#/simple-pki/ca/'"${ca}"'-ca/db/'"${ca}"'-ca.db' - cp /dev/null '#ETCDIR#/simple-pki/ca/'"${ca}"'-ca/db/'"${ca}"'-ca.db.attr' - echo 01 > '#ETCDIR#/simple-pki/ca/'"${ca}"'-ca/db/'"${ca}"'-ca.crt.srl' - echo 01 > '#ETCDIR#/simple-pki/ca/'"${ca}"'-ca/db/'"${ca}"'-ca.crl.srl' - fi -done - if [ -f '#ETCDIR#/simple-pki/ca/root-ca.crt' ]; then if [ ! -f '#ETCDIR#/simple-pki/ca/root-ca.crt.old' ] \ || [ "$(stat -c%Y '#ETCDIR#/simple-pki/ca/root-ca.crt.old')" -lt "$(($(date +%s)-60*60*24*ca_min_duration))" ]; then |