1 files changed, 20 insertions, 21 deletions

diff --git a/scripts/ca-clone-create.sh b/scripts/ca-clone-create.sh
index b890789..251cc7a 100755
--- a/scripts/ca-clone-create.sh
+++ b/scripts/ca-clone-create.sh
@@ -1,14 +1,12 @@
 #!/bin/sh -x
 
-MASTER=`cat master.txt`
+mkdir -p tmp
 
-/bin/cp ca_backup_keys.p12 /tmp
-/bin/cp ca_admin.cert /tmp
-/bin/cp ca_admin_cert.p12 /tmp
+MASTER=`cat tmp/master.txt`
 
-cat > ca-clone.cfg << EOF
-#[DEFAULT]
-#pki_pin=Secret.123
+cat > tmp/ca-clone.cfg << EOF
+[DEFAULT]
+pki_pin=Secret.123
 
 [CA]
 pki_admin_email=caadmin@example.com
@@ -37,12 +35,14 @@ pki_clone=True
 pki_clone_replicate_schema=True
 pki_clone_uri=https://$MASTER:8443
 
-# PKI 9
-#pki_ca_signing_nickname=caSigningCert cert-pki-ca
-#pki_ocsp_signing_nickname=ocspSigningCert cert-pki-ca
-#pki_audit_signing_nickname=auditSigningCert cert-pki-ca
-#pki_ssl_server_nickname=Server-Cert cert-pki-ca
-#pki_subsystem_nickname=subsystemCert cert-pki-ca
+# Dogtag 10.3
+#pki_server_pkcs12_path=$PWD/tmp/ca-certs.p12
+#pki_server_pkcs12_password=Secret.123
+
+# Dogtag 10.2
+pki_clone_pkcs12_password=Secret.123
+#pki_clone_pkcs12_path=$PWD/tmp/ca_backup_keys.p12
+pki_clone_pkcs12_path=$PWD/tmp/ca-certs.p12
 
 # PKI 10
 pki_ca_signing_nickname=ca_signing
@@ -51,13 +51,12 @@ pki_audit_signing_nickname=ca_audit_signing
 pki_ssl_server_nickname=sslserver
 pki_subsystem_nickname=subsystem
 
-# Dogtag 10.2 only
-pki_clone_pkcs12_password=Secret.123
-pki_clone_pkcs12_path=/tmp/ca_backup_keys.p12
-
-# Dogtag 10.3 only
-#pki_server_pkcs12_path=pki-server.p12
-#pki_server_pkcs12_password=Secret.123
+# PKI 9
+#pki_ca_signing_nickname=caSigningCert cert-pki-ca
+#pki_ocsp_signing_nickname=ocspSigningCert cert-pki-ca
+#pki_audit_signing_nickname=auditSigningCert cert-pki-ca
+#pki_ssl_server_nickname=Server-Cert cert-pki-ca
+#pki_subsystem_nickname=subsystemCert cert-pki-ca
 EOF
 
-pkispawn -vvv -f ca-clone.cfg -s CA
+pkispawn -vvv -f tmp/ca-clone.cfg -s CA