Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
  • 3 commits
  • 1 file changed
  • 0 comments
  • 1 contributor
Dec 12, 2011
CarbonLifeForm CarbonLifeForm Added -file -out -policy parameters to -sign(req)
for the -sign and -signreq modes
-file=<file> specifies the signing request
-out=<file> specifies the file the request should be output to
-policy=<policy section> specifies which policies it must be bound to
-name=<name> is a quick prefix that will substitute a filename prefix
where -file and/or -out have not been specified.
4a69b59
CarbonLifeForm CarbonLifeForm -ext added to -sign/-signreq
Added an extension parameter to the -sign/-signreq in the form of
-ext=<extension section name>
de5735b
Dec 13, 2011
CarbonLifeForm CarbonLifeForm -signCA got parameters -file -out -name -policy
-signCA's behaiviour can now be modified with -file=<filename> to change
from the default input file, -out=<filename> to move the default output
filename, -name=<prefix> modifies the default filenames for input and
output where they are unspecified, -policy=<section> determines which
policy to use and defaults to policy_anything when unspecified.
607d167

Showing 1 changed file with 38 additions and 5 deletions. Show diff stats Hide diff stats

  1. +38 5 CA.sh
43 CA.sh
@@ -254,15 +254,48 @@ case $1 in
254 254 exit $RET
255 255 ;;
256 256 -sign|-signreq)
257   - $CA -policy policy_anything -out newcert.pem -infiles newreq.pem
  257 + until (is_mode $2)
  258 + do
  259 + shift
  260 + case $1 in
  261 + -policy=*) polset="${1#-*=}"
  262 + ;;
  263 + -file=*) infile="${1#-*=}"
  264 + ;;
  265 + -name=*) fileprefix="${1#-*=}"
  266 + ;;
  267 + -out=*) outfile="${1#-*=}"
  268 + ;;
  269 + -ext=*) v3ext="-extensions ${1#-*=}"
  270 + esac
  271 + done
  272 +
  273 + $CA -policy ${polset:-policy_anything} $v3ext -out ${outfile:=${name:-new}cert.pem} -infiles ${infile:-${name:-new}req.pem}
258 274 RET=$?
259   - cat newcert.pem
260   - echo "Signed certificate is in newcert.pem"
  275 + cat $outfile
  276 + echo "Signed certificate is in $outfile"
  277 + unset polset infile fileprefix outfile ext
261 278 ;;
262 279 -signCA)
263   - $CA -policy policy_anything -out newcert.pem -extensions v3_ca -infiles newreq.pem
  280 + until (is_mode $2)
  281 + do
  282 + shift
  283 + case $1 in
  284 + -policy=*) polset="${1#-*=}"
  285 + ;;
  286 + -out=*) outfile="${1#-*=}"
  287 + ;;
  288 + -file=*) infile="${1#-*=}"
  289 + ;;
  290 + -name=*) fileprefix="${1#-*=}"
  291 + ;;
  292 + esac
  293 + done
  294 +
  295 + $CA -policy ${polset:-policy_anything} -out ${outfile:=${fileprefix:-new}cert.pem} -extensions v3_ca -infiles ${infile:-${fileprefix:-new}req.pem}
264 296 RET=$?
265   - echo "Signed CA certificate is in newcert.pem"
  297 + echo "Signed CA certificate is in $outfile"
  298 + unset polset outfile infile fileprefix
266 299 ;;
267 300 -signcert)
268 301 echo "Cert passphrase will be requested twice - bug?"

No commit comments for this range

Something went wrong with that request. Please try again.