Skip to content
Permalink
Browse files

Fix pki new-ca not checking for existing ca files

fixes #10677
  • Loading branch information...
dnsmichi committed Nov 19, 2015
1 parent 7a3edc4 commit 530c7c7fcc586ed55ddfa82ad47944bbe77b5d4a
Showing with 8 additions and 5 deletions.
  1. +8 −5 lib/cli/pkiutility.cpp
@@ -45,17 +45,20 @@ String PkiUtility::GetLocalCaPath(void)

int PkiUtility::NewCa(void)
{
String cadir = GetLocalCaPath();
String caDir = GetLocalCaPath();
String caCertFile = caDir + "/ca.crt";
String caKeyFile = caDir + "/ca.key";
String caSerialFile = caDir + "/serial.txt";

if (Utility::PathExists(cadir)) {
if (Utility::PathExists(caCertFile) && Utility::PathExists(caKeyFile)) {
Log(LogCritical, "cli")
<< "CA directory '" << cadir << "' already exists.";
<< "CA files '" << caCertFile << "' and '" << caKeyFile << "'already exist.";
return 1;
}

Utility::MkDirP(cadir, 0700);
Utility::MkDirP(caDir, 0700);

MakeX509CSR("Icinga CA", cadir + "/ca.key", String(), cadir + "/ca.crt", cadir + "/serial.txt", true);
MakeX509CSR("Icinga CA", caKeyFile, String(), caCertFile, caSerialFile, true);

return 0;
}

0 comments on commit 530c7c7

Please sign in to comment.
You can’t perform that action at this time.