/[pdpsoft]/trunk/agiletestbed/make-terena-req.sh
ViewVC logotype

Contents of /trunk/agiletestbed/make-terena-req.sh

Parent Directory Parent Directory | Revision Log Revision Log


Revision 2393 - (show annotations) (download) (as text)
Thu Aug 4 08:33:23 2011 UTC (10 years, 11 months ago) by dennisvd
File MIME type: application/x-shellscript
File size: 1733 byte(s)
script to generate TERENA eScience SSL CA requests
1 #!/bin/sh
2
3 # Generate a Terena eScience Server CA compliant CSR.
4
5 if [ $# -lt 1 ]; then
6 echo "Usage: $0 hostname [ hostname ... ]" >&2
7 exit 1
8 fi
9
10 generatedcsrs=
11
12 until [ $# -eq 0 ]; do
13
14 # hostname to use in the request
15 hostname=$1
16 shift
17
18 # generate each request in its own subdirectory
19 if [ ! -d "$hostname" ]; then
20 mkdir "$hostname"
21 fi
22
23 # be mindful of existing files; reuse the newkey.pem file if it
24 # exists, otherwise openssl will generate it.
25 key="$hostname/newkey.pem"
26 if [ -r "$key" ]; then
27 # reuse it
28 usekey="-key $key"
29 else
30 # let openssl generate it
31 usekey=""
32 fi
33
34 # don't overwrite existing requests
35 csr="$hostname/newrequest.csr"
36 if [ -f "$csr" ]; then
37 echo "ERROR: $csr already exists, not generating a new request" >&2
38 continue
39 fi
40
41 # at this point, we're definitely going to create a new request
42 # we need to generate an openssl cnf file specific to the request.
43
44 cat > "$hostname/newrequest.cnf" <<EOF
45 [ req ]
46 default_bits = 2048
47 default_keyfile = $hostname/newkey.pem
48 distinguished_name = req_distinguished_name
49 req_extensions = v3_ext
50 prompt = no
51
52 [ req_distinguished_name ]
53 0.C = NL
54 1.O = Stichting FOM
55 2.OU = Nikhef
56 CN = $hostname
57
58 [ v3_ext ]
59
60 subjectAltName = DNS:$hostname
61
62 EOF
63
64 openssl req -nodes -new -out "$csr" -text $usekey -config "$hostname/newrequest.cnf"
65 if [ $? -eq 0 ]; then
66 generatedcsrs="$generatedcsrs
67 $csr"
68 else
69 echo "ERR: openssl req failed." >&2
70 echo "Failed command: 'openssl req -nodes -new -out $csr -text $usekey -config $hostname/newrequest.cnf'"
71 continue
72 fi
73
74 done
75
76
77 echo "Done. Generated CSRs:$generatedcsrs"
78
79
80

Properties

Name Value
svn:executable *

grid.support@nikhef.nl
ViewVC Help
Powered by ViewVC 1.1.28