summaryrefslogtreecommitdiffstats
path: root/scripts/subca-cmc-sign.sh
diff options
context:
space:
mode:
Diffstat (limited to 'scripts/subca-cmc-sign.sh')
-rwxr-xr-xscripts/subca-cmc-sign.sh74
1 files changed, 3 insertions, 71 deletions
diff --git a/scripts/subca-cmc-sign.sh b/scripts/subca-cmc-sign.sh
index 9a512ad..42daebd 100755
--- a/scripts/subca-cmc-sign.sh
+++ b/scripts/subca-cmc-sign.sh
@@ -1,74 +1,6 @@
#!/bin/sh
-mkdir -p tmp
+#pki cert-show 0x1 --output tmp/external.crt
+#openssl crl2pkcs7 -nocrl -certfile tmp/external.crt -out tmp/cert_chain.p7b
-cat > tmp/subca-cmc-request.cfg << EOF
-# NSS database directory.
-dbdir=$HOME/.dogtag/nssdb
-
-# NSS database password.
-password=Secret.123
-
-# Token name (default is internal).
-tokenname=internal
-
-# Nickname for agent certificate.
-nickname=caadmin
-
-# Request format: pkcs10 or crmf.
-format=pkcs10
-
-# Total number of PKCS10/CRMF requests.
-numRequests=1
-
-# Path to the PKCS10/CRMF request.
-# The content must be in Base-64 encoded format.
-# Multiple files are supported. They must be separated by space.
-input=$PWD/tmp/subca.csr
-
-# Path for the CMC request in binary format
-output=$PWD/tmp/subca-cmc-request.bin
-EOF
-
-CMCRequest tmp/subca-cmc-request.cfg
-
-cat > tmp/subca-cmc-submit.cfg << EOF
-# PKI server host name.
-host=$HOSTNAME
-
-# PKI server port number.
-port=8443
-
-# Use secure connection.
-# For secure connection with ECC, set environment variable 'export NSS_USE_DECODED_CKA_EC_POINT=1'.
-secure=true
-
-# Use client authentication.
-clientmode=true
-
-# NSS database directory.
-dbdir=$HOME/.dogtag/nssdb
-
-# NSS database password.
-password=Secret.123
-
-# Token name (default: internal).
-tokenname=internal
-
-# Nickname of agent certificate.
-nickname=caadmin
-
-# CMC servlet path
-#servlet=/ca/ee/ca/profileSubmitCMCFull
-servlet=/ca/ee/ca/profileSubmitCMCFull?profileId=caCMCcaCert
-
-# Path for the CMC request.
-input=tmp/subca-cmc-request.bin
-
-# Path for the CMC response.
-output=tmp/subca-cmc-response.bin
-EOF
-
-HttpClient tmp/subca-cmc-submit.cfg
-
-CMCResponse -i tmp/subca-cmc-response.bin -o tmp/subca.crt
+./ca_signing-cmc-sign.sh
generated by cgit (git 2.34.1) at 2024-05-27 21:56:44 +0000