]> WPIA git - nre.git/blobdiff - verify.sh
projects / nre.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
upd: generate drop-in-able configs for gigi
[nre.git] / verify.sh
diff --git a/verify.sh b/verify.sh
index 3890eb56e2e3aa80d5ed17ddc89a1709b93ab12b..c689eec9db51c832cc473e44f3124a8f9e933bb8 100755 (executable)
--- a/verify.sh
+++ b/verify.sh
@@ -10,6 +10,7 @@ verify(){ # crt, [untrusted], additional
     untrusted="$2"
     [[ "$untrusted" != "" ]] && untrusted="-untrusted $untrusted"
     openssl verify $3 -CAfile root.ca/key.crt $untrusted "$1" || error "$1 did not verify"
+    echo openssl verify $3 -CAfile root.ca/key.crt $untrusted "$1" || error "$1 did not verify"
 }
 
 error() { # message
@@ -71,7 +72,7 @@ done
 # Verify infra keys
 cat env.ca/key.crt $year/ca/env_${year}_1.ca/key.crt > envChain.crt
 
-for key in $SERVER_KEYS; do
+for key in $SERVER_KEYS signer_client signer_server; do
     verify ${year}/keys/$key.crt envChain.crt
     verifyExtlist "$(openssl x509 -in "${year}/keys/$key.crt" -noout -text)" critical "X509v3 Extended Key Usage: 
 "
WPIA Root Certificate Generation Procedure