Improve crtkey-gen script

1 files changed, 5 insertions, 3 deletions

diff --git a/bin/crtkey-gen.sh b/bin/crtkey-gen.sh
index 9355c43..b443232 100755
--- a/bin/crtkey-gen.sh
+++ b/bin/crtkey-gen.sh
@@ -18,6 +18,7 @@ KEYDIR=$CERTDIR
 CSRDIR=$CERTDIR
 CADIR="$HOME/park-admin/playbooks-ansible/roles/imserver/files/certs/../.CA-2"
 
+read -s -p "Password Root CA: " MONCAPASSWD
 
 
 # pour la génération de certificats client
@@ -65,23 +66,24 @@ if [[ "$?" -eq "0" ]]
 then
     for i in $SERVERHOST
     do
-        openssl ca -batch -config openssl-server.cnf -in $CSRDIR/$DOMAIN.$i.$SERIAL.csr -out $CERTDIR/$DOMAIN.$i.$SERIAL.crt
+        openssl ca -batch -passin env:MONCAPASSWD -config openssl-server.cnf -in $CSRDIR/$DOMAIN.$i.$SERIAL.csr -out $CERTDIR/$DOMAIN.$i.$SERIAL.crt
     done
 
     for i in $CLIENTHOST
     do
-        openssl ca -batch -config openssl-client.cnf -in $CSRDIR/$i.$SERIAL.csr -out $CERTDIR/$i.$SERIAL.crt
+        openssl ca -batch -passin env:MONCAPASSWD -config openssl-client.cnf -in $CSRDIR/$i.$SERIAL.csr -out $CERTDIR/$i.$SERIAL.crt
     done
 
     for i in $SERVICELIST
     do
-        openssl ca -batch -config openssl-server.cnf -in $CSRDIR/$DOMAIN.$i.$SERIAL.csr -out $CERTDIR/$DOMAIN.$i.$SERIAL.crt
+        openssl ca -batch -passin env:MONCAPASSWD -config openssl-server.cnf -in $CSRDIR/$DOMAIN.$i.$SERIAL.csr -out $CERTDIR/$DOMAIN.$i.$SERIAL.crt
     done
     popd >/dev/null
 else
     echo "CA inaccessible !"
 fi
 
+MONCAPASSWD=""
 
 
 # afficher fingerprint de la clé publique pour le service jabber