1 files changed, 20 insertions, 14 deletions

diff --git a/scripts/subca-external-step1.sh b/scripts/subca-external-step1.sh
index d02ef72..cc0f51d 100755
--- a/scripts/subca-external-step1.sh
+++ b/scripts/subca-external-step1.sh
@@ -2,9 +2,7 @@
 
 mkdir -p tmp
 
-ROOT=`cat tmp/rootca.txt`
-
-cat > tmp/subca.cfg << EOF
+cat > tmp/subca-step1.cfg << EOF
 [DEFAULT]
 pki_pin=Secret.123
 
@@ -20,23 +18,31 @@ pki_client_database_purge=False
 pki_client_pkcs12_password=Secret.123
 
 pki_ds_base_dn=dc=ca,dc=pki,dc=example,dc=com
-pki_ds_database=ca
 pki_ds_password=Secret.123
+pki_ds_database=ca
 
-pki_security_domain_name=SUBORDINATE
-pki_token_password=Secret.123
+pki_security_domain_name=EXAMPLE
 
 pki_external=True
 pki_external_step_two=False
-pki_external_csr_path=tmp/subca.csr
 
-pki_ca_signing_subject_dn=cn=Subordinate CA Signing Certificate,o=SUBORDINATE
+pki_cert_chain_nickname=${PREFIX}external
+
+pki_ca_signing_nickname=${PREFIX}ca_signing
+pki_ca_signing_token=$TOKEN
+pki_external_csr_path=tmp/ca_signing.csr
+
+pki_ocsp_signing_nickname=${PREFIX}ca_ocsp_signing
+pki_ocsp_signing_token=$TOKEN
+
+pki_audit_signing_nickname=${PREFIX}ca_audit_signing
+pki_audit_signing_token=$TOKEN
+
+pki_sslserver_nickname=${PREFIX}sslserver/$HOSTNAME
+pki_sslserver_token=$TOKEN
 
-pki_ca_signing_nickname=ca_signing
-pki_ocsp_signing_nickname=ca_ocsp_signing
-pki_audit_signing_nickname=ca_audit_signing
-pki_sslserver_nickname=sslserver
-pki_subsystem_nickname=subsystem
+pki_subsystem_nickname=${PREFIX}subsystem/$HOSTNAME
+pki_subsystem_token=$TOKEN
 EOF
 
-pkispawn -v -f tmp/subca.cfg -s CA
+pkispawn -vvv -f tmp/subca-step1.cfg -s CA