lauri
/
certidude
mirror of https://github.com/laurivosandi/certidude
1
0
Fork 0
Code Issues Activity
certidude/certidude/templates/snippets/request-common.sh

17 lines
1.2 KiB
Bash
Raw Blame History

# Delete CA certificate if checksum doesn't match
echo {{ session.authority.certificate.md5sum }} /etc/certidude/authority/{{ session.authority.hostname }}/ca_cert.pem | md5sum -c \
|| rm -fv /etc/certidude/authority/{{ session.authority.hostname }}/*.pem
{% include "snippets/store-authority.sh" %}
{% include "snippets/update-trust.sh" %}
# Generate private key
test -e /etc/certidude/authority/{{ session.authority.hostname }}/host_key.pem \
|| {% if session.authority.certificate.algorithm == "ec" %}openssl ecparam -name secp384r1 -genkey -noout \
-out /etc/certidude/authority/{{ session.authority.hostname }}/host_key.pem{% else %}openssl genrsa \
-out /etc/certidude/authority/{{ session.authority.hostname }}/host_key.pem 2048{% endif %}
test -e /etc/certidude/authority/{{ session.authority.hostname }}/host_req.pem \
|| openssl req -new -sha384 -subj "/CN=$NAME" \
-key /etc/certidude/authority/{{ session.authority.hostname }}/host_key.pem \
-out /etc/certidude/authority/{{ session.authority.hostname }}/host_req.pem
echo "If CSR submission fails, you can copy paste it to Certidude:"
cat /etc/certidude/authority/{{ session.authority.hostname }}/host_req.pem
Reference in New Issue View Git Blame Copy Permalink