diff options
author | Endi S. Dewata <edewata@redhat.com> | 2017-07-20 08:00:56 +0200 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2017-07-20 08:00:56 +0200 |
commit | f0f39288d640a0b0a755c49fdc08f1219c386ca7 (patch) | |
tree | 2ee3c2c647246c72100407a08cf865e81071fdaa /scripts/existing-hsm-export.sh | |
parent | 1e99e99968569712fcc6975e37f07e1c351b6d53 (diff) | |
download | pki-dev-f0f39288d640a0b0a755c49fdc08f1219c386ca7.tar.gz pki-dev-f0f39288d640a0b0a755c49fdc08f1219c386ca7.tar.xz pki-dev-f0f39288d640a0b0a755c49fdc08f1219c386ca7.zip |
Added existing CA scripts.
Diffstat (limited to 'scripts/existing-hsm-export.sh')
-rwxr-xr-x | scripts/existing-hsm-export.sh | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/scripts/existing-hsm-export.sh b/scripts/existing-hsm-export.sh new file mode 100755 index 0000000..7003ef6 --- /dev/null +++ b/scripts/existing-hsm-export.sh @@ -0,0 +1,34 @@ +#!/bin/sh -x + +rm -rf ca_signing.csr +rm -rf ca_ocsp_signing.csr +rm -rf ca_audit_signing.csr +rm -rf subsystem.csr +rm -rf sslserver.csr + + +certutil -L -d /var/lib/pki/pki-tomcat/alias -n "edewata/pki-tomcat/ca_signing" -a > ca_signing.crt +#certutil -L -d /var/lib/pki/pki-tomcat/alias -n "edewata/pki-tomcat/ca_ocsp_signing" -a > ca_ocsp_signing.crt +#certutil -L -d /var/lib/pki/pki-tomcat/alias -n "edewata/pki-tomcat/ca_audit_signing" -a > ca_audit_signing.crt +#certutil -L -d /var/lib/pki/pki-tomcat/alias -n "edewata/pki-tomcat/subsystem" -a > subsystem.crt +#certutil -L -d /var/lib/pki/pki-tomcat/alias -n "edewata/pki-tomcat/sslserver" -a > sslserver.crt + +echo "-----BEGIN NEW CERTIFICATE REQUEST-----" > ca_signing.csr +sed -n "/^ca.signing.certreq=/ s/^[^=]*=// p" < /var/lib/pki/pki-tomcat/ca/conf/CS.cfg >> ca_signing.csr +echo "-----END NEW CERTIFICATE REQUEST-----" >> ca_signing.csr + +#echo "-----BEGIN NEW CERTIFICATE REQUEST-----" > ca_ocsp_signing.csr +#sed -n "/^ca.ocsp_signing.certreq=/ s/^[^=]*=// p" < /var/lib/pki/pki-tomcat/ca/conf/CS.cfg >> ca_ocsp_signing.csr +#echo "-----END NEW CERTIFICATE REQUEST-----" >> ca_ocsp_signing.csr + +#echo "-----BEGIN NEW CERTIFICATE REQUEST-----" > ca_audit_signing.csr +#sed -n "/^ca.audit_signing.certreq=/ s/^[^=]*=// p" < /var/lib/pki/pki-tomcat/ca/conf/CS.cfg >> ca_audit_signing.csr +#echo "-----END NEW CERTIFICATE REQUEST-----" >> ca_audit_signing.csr + +#echo "-----BEGIN NEW CERTIFICATE REQUEST-----" > subsystem.csr +#sed -n "/^ca.subsystem.certreq=/ s/^[^=]*=// p" < /var/lib/pki/pki-tomcat/ca/conf/CS.cfg >> subsystem.csr +#echo "-----END NEW CERTIFICATE REQUEST-----" >> subsystem.csr + +#echo "-----BEGIN NEW CERTIFICATE REQUEST-----" > sslserver.csr +#sed -n "/^ca.sslserver.certreq=/ s/^[^=]*=// p" < /var/lib/pki/pki-tomcat/ca/conf/CS.cfg >> sslserver.csr +#echo "-----END NEW CERTIFICATE REQUEST-----" >> sslserver.csr |