From 9cb8eb632f1c096c9dc27d6ceb4d5b0a03505adb Mon Sep 17 00:00:00 2001 From: =?utf8?q?Felix=20D=C3=B6rre?= Date: Tue, 26 May 2015 16:42:56 +0200 Subject: [PATCH] fix: use better friendly names in pkcs12-files --- generateInfra.sh | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/generateInfra.sh b/generateInfra.sh index c95ed6e..5106869 100755 --- a/generateInfra.sh +++ b/generateInfra.sh @@ -49,7 +49,7 @@ genserver(){ #key, subject, config openssl req -new -key $1.key -out $1.csr -subj "$2" caSign $1 $year/ca/env_${year}_1 "$3" "${year}${points[1]}" "$((${year} + 2))${points[1]}" - TZ=UTC LD_PRELOAD=/usr/lib/x86_64-linux-gnu/faketime/libfaketime.so.1 FAKETIME="${year}-01-01 00:00:00" openssl pkcs12 -inkey $1.key -in $1.crt -CAfile env.chain.crt -chain -name $1 -export -passout pass:changeit -out $1.pkcs12 + TZ=UTC LD_PRELOAD=/usr/lib/x86_64-linux-gnu/faketime/libfaketime.so.1 FAKETIME="${year}-01-01 00:00:00" openssl pkcs12 -inkey $1.key -in $1.crt -CAfile env.chain.crt -chain -name $1 -export -passout pass:changeit -out $1.pkcs12 -name "$4" } @@ -59,18 +59,19 @@ cat $year/ca/env_${year}_1.ca/key.crt env.ca/key.crt root.ca/key.crt > env.chain # generate environment-keys specific to gigi. # first the server keys -genserver $year/keys/www "/CN=www.${DOMAIN}" req.cnf -genserver $year/keys/secure "/CN=secure.${DOMAIN}" req.cnf -genserver $year/keys/static "/CN=static.${DOMAIN}" req.cnf -genserver $year/keys/api "/CN=api.${DOMAIN}" req.cnf +genserver $year/keys/www "/CN=www.${DOMAIN}" req.cnf www +genserver $year/keys/secure "/CN=secure.${DOMAIN}" req.cnf secure +genserver $year/keys/static "/CN=static.${DOMAIN}" req.cnf static +genserver $year/keys/api "/CN=api.${DOMAIN}" req.cnf api # then the email signing key -genserver $year/keys/mail "/emailAddress=support@${DOMAIN}" reqMail.cnf +genserver $year/keys/mail "/emailAddress=support@${DOMAIN}" reqMail.cnf mail # then environment-keys for cassiopeia -genserver $year/keys/signer_client "/CN=CAcert signer handler 1" reqClient.cnf -genserver $year/keys/signer_server "/CN=CAcert signer 1" req.cnf +genserver $year/keys/signer_client "/CN=CAcert signer handler 1" reqClient.cnf signer_client +genserver $year/keys/signer_server "/CN=CAcert signer 1" req.cnf signer_server rm req.cnf reqMail.cnf reqClient.cnf + rm env.chain.crt -- 2.39.2