diff options
author | Matthieu Saulnier <fantom@fedoraproject.org> | 2023-02-11 21:24:36 +0100 |
---|---|---|
committer | Matthieu Saulnier <fantom@fedoraproject.org> | 2023-02-11 21:24:36 +0100 |
commit | 048163869dcaf427189c3556bc88e9455d3dd188 (patch) | |
tree | c3cc63a8e0c207a1b0f0f09e19a0df4276effc20 /bin | |
parent | a038de8d26e8eb0a58b3525767cae446b97589e1 (diff) | |
download | playbooks-ansible-048163869dcaf427189c3556bc88e9455d3dd188.tar.gz playbooks-ansible-048163869dcaf427189c3556bc88e9455d3dd188.tar.xz playbooks-ansible-048163869dcaf427189c3556bc88e9455d3dd188.zip |
Improve crtkey-gen script
Diffstat (limited to 'bin')
-rwxr-xr-x | bin/crtkey-gen.sh | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/bin/crtkey-gen.sh b/bin/crtkey-gen.sh index 9355c43..b443232 100755 --- a/bin/crtkey-gen.sh +++ b/bin/crtkey-gen.sh @@ -18,6 +18,7 @@ KEYDIR=$CERTDIR CSRDIR=$CERTDIR CADIR="$HOME/park-admin/playbooks-ansible/roles/imserver/files/certs/../.CA-2" +read -s -p "Password Root CA: " MONCAPASSWD # pour la génération de certificats client @@ -65,23 +66,24 @@ if [[ "$?" -eq "0" ]] then for i in $SERVERHOST do - openssl ca -batch -config openssl-server.cnf -in $CSRDIR/$DOMAIN.$i.$SERIAL.csr -out $CERTDIR/$DOMAIN.$i.$SERIAL.crt + openssl ca -batch -passin env:MONCAPASSWD -config openssl-server.cnf -in $CSRDIR/$DOMAIN.$i.$SERIAL.csr -out $CERTDIR/$DOMAIN.$i.$SERIAL.crt done for i in $CLIENTHOST do - openssl ca -batch -config openssl-client.cnf -in $CSRDIR/$i.$SERIAL.csr -out $CERTDIR/$i.$SERIAL.crt + openssl ca -batch -passin env:MONCAPASSWD -config openssl-client.cnf -in $CSRDIR/$i.$SERIAL.csr -out $CERTDIR/$i.$SERIAL.crt done for i in $SERVICELIST do - openssl ca -batch -config openssl-server.cnf -in $CSRDIR/$DOMAIN.$i.$SERIAL.csr -out $CERTDIR/$DOMAIN.$i.$SERIAL.crt + openssl ca -batch -passin env:MONCAPASSWD -config openssl-server.cnf -in $CSRDIR/$DOMAIN.$i.$SERIAL.csr -out $CERTDIR/$DOMAIN.$i.$SERIAL.crt done popd >/dev/null else echo "CA inaccessible !" fi +MONCAPASSWD="" # afficher fingerprint de la clé publique pour le service jabber |