
Diff of /nl.nikhef.pdp.tcs/nl.nikhef.pdp.tcs.tcsg4-tools/trunk/tcsg4-install-credential.sh


revision 3298 by davidg, Sat Jun 20 08:57:42 2020 UTC revision 3299 by davidg, Fri Jul 17 09:10:31 2020 UTC
# Line 30  DATE=`date +%Y%m%d-%H%M%S` Line 30  DATE=`date +%Y%m%d-%H%M%S`
30  progname=`basename "$0"`  progname=`basename "$0"`
31  bckprefix=backup  bckprefix=backup
32  makecsr=0  makecsr=0
33    newpass=0
34  nameformat=  nameformat=
35  certfn=  certfn=
36    
# Line 77  case "$1" in Line 78  case "$1" in
78  -n | --name )              friendlyname="$2"; shift 2 ;;  -n | --name )              friendlyname="$2"; shift 2 ;;
79  -d | --destination )       destdir="$2"; shift 2 ;;  -d | --destination )       destdir="$2"; shift 2 ;;
80  -p | --passfile )          passfile="$2" ; shift 2 ;;  -p | --passfile )          passfile="$2" ; shift 2 ;;
81    --newpass )                newpass=1 ; shift ;;
82  -* )                       echo "Unknown option $1, exiting" >&2 ; exit 1 ;;  -* )                       echo "Unknown option $1, exiting" >&2 ; exit 1 ;;
83  *  )                       break ;;  *  )                       break ;;
84  esac  esac
# Line 115  else Line 117  else
117    done    done
118  fi  fi
119  if [ -z "$PW" ]; then echo "Empty password is not allowed" >&2; exit 2; fi  if [ -z "$PW" ]; then echo "Empty password is not allowed" >&2; exit 2; fi
120  export PW  
121    if [ $newpass -ne 0 ]; then
122      while [ x"$NPW" = x"" ]; do
123        echo -ne "NEW Passphrase for your secret key and PKCS#12 package: "
124        stty -echo ; read NPW ; stty echo
125        echo ""
126      done
127    else
128      NPW="$PW"
129    fi
130    
131    export PW NPW
132    
133  # ############################################################################  # ############################################################################
134  # extraction of Sectigo blob of crap  # extraction of Sectigo blob of crap
# Line 128  if [ ! -d "$tempdir" ]; then Line 141  if [ ! -d "$tempdir" ]; then
141  fi  fi
142    
143  openssl pkcs12 -nomacver -password env:PW -in "$pkfile" \  openssl pkcs12 -nomacver -password env:PW -in "$pkfile" \
144      -passout env:PW -out "$tempdir/crap-$credbase.pem"      -passout env:NPW -out "$tempdir/crap-$credbase.pem"
145    
146  if [ $? -ne 0 ]; then  if [ $? -ne 0 ]; then
147    echo "Error: cannot extract data from PKCS12 file $pkfile" >&2    echo "Error: cannot extract data from PKCS12 file $pkfile" >&2
# Line 265  if [ -f "$destdir/package-$credbase.p12" Line 278  if [ -f "$destdir/package-$credbase.p12"
278       "$destdir/$bckprefix.$DATE.package-$credbase.p12"       "$destdir/$bckprefix.$DATE.package-$credbase.p12"
279  fi  fi
280  openssl pkcs12 -export \  openssl pkcs12 -export \
281      -passin env:PW -inkey "$tempdir/key-$credbase.pem" \      -passin env:NPW -inkey "$tempdir/key-$credbase.pem" \
282      -certfile "$destdir/chain-$credbase.pem" \      -certfile "$destdir/chain-$credbase.pem" \
283      -name "$friendlyname" -in "$pkcs12eec" \      -name "$friendlyname" -in "$pkcs12eec" \
284      -passout env:PW -out "$destdir/package-$credbase.p12"      -passout env:NPW -out "$destdir/package-$credbase.p12"
285    
286  if [ $? -ne 0 ]; then  if [ $? -ne 0 ]; then
287    echo "Error: something went wrong creating the normalised package" >&2    echo "Error: something went wrong creating the normalised package" >&2
# Line 329  if [ "$makecsr" -ne 0 ]; then Line 342  if [ "$makecsr" -ne 0 ]; then
342    echo "  subject: $certsubject"    echo "  subject: $certsubject"
343    
344    openssl req -new \    openssl req -new \
345      -key "$destdir/key-$certfn.pem" -passin env:PW \      -key "$destdir/key-$certfn.pem" -passin env:NPW \
346      -subj "$certsubject" \      -subj "$certsubject" \
347      -out "$destdir/request-$certfn.pem"      -out "$destdir/request-$certfn.pem"
348  fi  fi
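Review bot: The new passphrase prompt at new lines 121-126 reads NPW only once, with no confirmation, so a mistyped value leaves the key and the PKCS#12 package encrypted under a passphrase the user does not know. The same lines call `read` without `-r`, which alters backslashes in the passphrase. NPW is also not cleared before the loop in the lines shown, so a value inherited from the environment would skip the prompt; the initialisation block near line 33 may clear it outside the visible hunks. I would clear NPW, read with `IFS= read -r`, and ask twice, as in the rewritten prompt below; the surrounding script continues outside these hunks.

```shell
if [ $newpass -ne 0 ]; then
  NPW=""    # do not accept an NPW inherited from the caller's environment
  while [ -z "$NPW" ]; do
    echo -ne "NEW Passphrase for your secret key and PKCS#12 package: "
    stty -echo ; IFS= read -r NPW ; stty echo
    echo ""
    echo -ne "Repeat NEW passphrase: "
    stty -echo ; IFS= read -r NPW2 ; stty echo
    echo ""
    if [ "$NPW" != "$NPW2" ]; then
      echo "Passphrases do not match, please try again" >&2
      NPW=""
    fi
  done
  unset NPW2
# … unchanged: else branch sets NPW="$PW", then fi and export PW NPW …
```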
