diff options
Diffstat (limited to 'sign-request.in')
| -rwxr-xr-x | sign-request.in | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/sign-request.in b/sign-request.in index 52b481e..0185cf4 100755 --- a/sign-request.in +++ b/sign-request.in @@ -14,6 +14,13 @@ remove_leading_spaces() { ' } +if [ -f '#ETCDIR#/simple-pki/ca/root-ca.old.crt' ] \ +&& [ "$(stat -c%Y '#ETCDIR#/simple-pki/ca/root-ca.old.crt')" -ge "$(($(date +%s)-60*60*24*ca_min_duration))" ]; then + export CA=signing-ca.old +else + export CA=signing-ca +fi + tmp_dir=$(mktemp -d) trap 'rm -rf --one-file-system "${tmp_dir}"' EXIT @@ -95,7 +102,7 @@ while read -r csr; do rm "${csr_local}" continue fi - if ! CA=signing-ca openssl ca -batch -name signing_ca \ + if ! openssl ca -batch -name signing_ca \ -config '#ETCDIR#/simple-pki/ca-ssl.conf' \ -in "${csr_local}" \ -out "${csr_local%.csr}.crt" \ |