diff options
Diffstat (limited to 'scripts/subca-external-step1.sh')
-rwxr-xr-x | scripts/subca-external-step1.sh | 34 |
1 files changed, 20 insertions, 14 deletions
diff --git a/scripts/subca-external-step1.sh b/scripts/subca-external-step1.sh index d02ef72..cc0f51d 100755 --- a/scripts/subca-external-step1.sh +++ b/scripts/subca-external-step1.sh @@ -2,9 +2,7 @@ mkdir -p tmp -ROOT=`cat tmp/rootca.txt` - -cat > tmp/subca.cfg << EOF +cat > tmp/subca-step1.cfg << EOF [DEFAULT] pki_pin=Secret.123 @@ -20,23 +18,31 @@ pki_client_database_purge=False pki_client_pkcs12_password=Secret.123 pki_ds_base_dn=dc=ca,dc=pki,dc=example,dc=com -pki_ds_database=ca pki_ds_password=Secret.123 +pki_ds_database=ca -pki_security_domain_name=SUBORDINATE -pki_token_password=Secret.123 +pki_security_domain_name=EXAMPLE pki_external=True pki_external_step_two=False -pki_external_csr_path=tmp/subca.csr -pki_ca_signing_subject_dn=cn=Subordinate CA Signing Certificate,o=SUBORDINATE +pki_cert_chain_nickname=${PREFIX}external + +pki_ca_signing_nickname=${PREFIX}ca_signing +pki_ca_signing_token=$TOKEN +pki_external_csr_path=tmp/ca_signing.csr + +pki_ocsp_signing_nickname=${PREFIX}ca_ocsp_signing +pki_ocsp_signing_token=$TOKEN + +pki_audit_signing_nickname=${PREFIX}ca_audit_signing +pki_audit_signing_token=$TOKEN + +pki_sslserver_nickname=${PREFIX}sslserver/$HOSTNAME +pki_sslserver_token=$TOKEN -pki_ca_signing_nickname=ca_signing -pki_ocsp_signing_nickname=ca_ocsp_signing -pki_audit_signing_nickname=ca_audit_signing -pki_sslserver_nickname=sslserver -pki_subsystem_nickname=subsystem +pki_subsystem_nickname=${PREFIX}subsystem/$HOSTNAME +pki_subsystem_token=$TOKEN EOF -pkispawn -v -f tmp/subca.cfg -s CA +pkispawn -vvv -f tmp/subca-step1.cfg -s CA |