summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorErich Eckner <git@eckner.net>2019-09-01 23:15:54 +0200
committerErich Eckner <git@eckner.net>2019-09-01 23:15:54 +0200
commitf46afcd7a0cd2f38a99b24257fcfb218f6bfa1fe (patch)
tree56512468e68b24a54f9053c1fd78f6e64bcaf4ec
parent4a7ae1a8d38cb99f3b4decaffc8f15573ebb840e (diff)
downloadsimple-pki-f46afcd7a0cd2f38a99b24257fcfb218f6bfa1fe.tar.xz
sign-request.in: set correct issuer
-rwxr-xr-xsign-request.in10
1 files changed, 9 insertions, 1 deletions
diff --git a/sign-request.in b/sign-request.in
index e64ed93..6266e45 100755
--- a/sign-request.in
+++ b/sign-request.in
@@ -98,10 +98,18 @@ while read -r csr; do
if [ ! -f "${key_dir}/${ca_name}.key" ] \
|| [ $((2*$(date +%s) + $(stat -c%Y "${key_dir}/${ca_name}.key"))) -gt 3*$(stat -c%Y "${key_dir}/${ca_name}.key.new"))) ]; then
key_to_use="${key_dir}/${ca_name}.key.new"
+ crt_to_use="${key_dir}/${ca_name}.crt.new"
else
key_to_use="${key_dir}/${ca_name}.key"
+ crt_to_use="${key_dir}/${ca_name}.crt"
fi
- openssl req -x509 -key "${key_to_use}" -in "${csr_local}" -out "${csr_local%.csr}.crt" -addext 'basicConstraints = critical, CA:false'
+ openssl x509 -req \
+ -CAkey "${key_to_use}" \
+ -CA "${crt_to_use}" \
+ -CAserial "${key_dir}/${ca_name}.srl" \
+ -CAcreateserial \
+ -in "${csr_local}" \
+ -out "${csr_local%.csr}.crt"
rm "${csr_local}"
done