summaryrefslogtreecommitdiff
path: root/sign-request.in
diff options
context:
space:
mode:
authorErich Eckner <git@eckner.net>2019-09-03 11:00:14 +0200
committerErich Eckner <git@eckner.net>2019-09-03 11:00:14 +0200
commitd31cb82fb532098a8a8ea4acfb13a09b55b6c452 (patch)
tree518d102fdab3cded8155344e3908705974f086d1 /sign-request.in
parent6ef9ed3ba2e187b0a4efd1fd8f2ee922ab01c777 (diff)
downloadsimple-pki-d31cb82fb532098a8a8ea4acfb13a09b55b6c452.tar.xz
sign-request.in: check SANs via http if csr was not retrieved via https
Diffstat (limited to 'sign-request.in')
-rwxr-xr-xsign-request.in2
1 files changed, 1 insertions, 1 deletions
diff --git a/sign-request.in b/sign-request.in
index 3de4e56..52b481e 100755
--- a/sign-request.in
+++ b/sign-request.in
@@ -78,7 +78,7 @@ while read -r csr; do
ok_sans=$(
printf '%s\n' "${cn}" "${sans}" \
| while read -r san; do
- if ! curl --connect-timeout 10 -Ss --insecure 'https://'"${san}/${csr#*//*/}" \
+ if ! curl --connect-timeout 10 -Ss --insecure "${csr%%://*}"'://'"${san}/${csr#*//*/}" \
| diff -q - "${csr_local}"; then
>&2 printf 'invalid san "%s" - skipping\n' "${san}"
rm "${csr_local}"