Diffstat (limited to 'sign-request.in')
-rwxr-xr-xsign-request.in33
1 files changed, 8 insertions, 25 deletions
diff --git a/sign-request.in b/sign-request.in
index b464552..e36ad7d 100755
--- a/sign-request.in
+++ b/sign-request.in
@@ -1,21 +1,11 @@
#!/bin/bash
-key_dir='#ETCDIR#/simple-pki/keys'
-
if [ -r '#ETCDIR#/simple-pki/ca.conf' ]; then
. '#ETCDIR#/simple-pki/ca.conf'
fi
cd "${0%/*}"
-remove_leading_spaces() {
- sed '
- s/^ \{'"$1"'\}//
- t
- d
- '
-}
-
tmp_dir=$(mktemp -d)
trap 'rm -rf --one-file-system "${tmp_dir}"' EXIT
@@ -29,6 +19,7 @@ while read -r csr; do
rm "${csr_local}"
continue
fi
+
content=$(
printf '%s\n' "${content}" \
| sed -n '
@@ -102,23 +93,15 @@ while read -r csr; do
rm "${csr_local}"
continue
fi
- if [ ! -f "${key_dir}/${ca_name}.key" ] \
- || [ $((2*$(date +%s) + $(stat -c%Y "${key_dir}/${ca_name}.key"))) -gt $((3*$(stat -c%Y "${key_dir}/${ca_name}.key.new"))) ]; then
- key_to_use="${key_dir}/${ca_name}.key.new"
- crt_to_use="${key_dir}/${ca_name}.crt.new"
- else
- key_to_use="${key_dir}/${ca_name}.key"
- crt_to_use="${key_dir}/${ca_name}.crt"
- fi
- openssl x509 -req \
- -CAkey "${key_to_use}" \
- -CA "${crt_to_use}" \
- -CAserial "${key_dir}/${ca_name}.srl" \
- -CAcreateserial \
+ CA=signing-ca openssl ca -batch -name signing_ca \
+ -config '#ETCDIR#/simple-pki/ca-ssl.conf' \
-in "${csr_local}" \
- -out "${csr_local%.csr}.crt"
+ -out "${csr_local%.csr}.crt" \
+ -extensions server_ext
+ cat "${csr_local%.csr}.crt" '#ETCDIR#/simple-pki/ca/signing-ca.crt' '#ETCDIR#/simple-pki/ca/root-ca.crt' \
+ > "${csr_local%.csr}.chain"
rm "${csr_local}"
done
cd "${tmp_dir}"
-tar -czf - *.crt
+tar -czf - *.crt *.chain
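Review bot: The exit status of `openssl ca` is not checked before the new `cat` builds the `.chain` file, so a failed or rejected signing would still leave a `.chain` holding only the signing and root CA certificates, which `tar -czf - *.crt *.chain` then ships as if it were a result. No `set -e` is visible in the first hunk, so the loop presumably carries on after a failure; ending the command with `-extensions server_ext || { rm -f "${csr_local}" "${csr_local%.csr}.crt"; continue; }` follows the reject pattern already used just above it. Because `-batch` signs without confirmation, what a CSR can place in the issued certificate now depends on the `policy` and `copy_extensions` settings of the `signing_ca` section in `ca-ssl.conf`, which this diff does not show; a one-line comment above the call naming those settings would help the next reader. The `while read -r csr` loop begins outside this hunk.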