affine/jobserv
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

refactored certs-gen to work with default values when read is not effective

Browse source
This commit is contained in:
Aidan Hahn 2019-06-01 13:25:32 -07:00
parent 259a76eeb6
commit 0b8cf633ee
No known key found for this signature in database
GPG key ID: 327711E983899316
1 changed files with 21 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

24
certs-gen.sh
View file

@ -1,9 +1,17 @@
#!/bin/sh
pwd
read -p "Enter Server CN (localhost or address): " SRVNAME
read -p "Enter Client CN (localhost or address): " CLTNAME
# get CNs
read -p "Enter Server CN (default: localhost): " SRVNAME
read -p "Enter Client CN (default: localhost): " CLTNAME
if [ -z "$SRVNAME" ]; then
SRVNAME=localhost
fi
if [ -z "$CLTNAME" ]; then
CLTNAME=localhost
fi
SERVER_CA_CN=jobserv-server-ca
SERVER_PATH=resources/server
@ -25,6 +33,16 @@ rm -rf staging
# Get passwords for CAs
read -p "Enter Server CA Passphrase: " SRVCAPASS
read -p "Enter Client CA Passphrase: " CLTCAPASS
if [ -z "$SRVCAPASS" ]; then
SRVCAPASS=$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 13)
echo "[*] Server CA Password is: " $SRVCAPASS
fi
if [ -z "$CLTCAPASS" ]; then
CLTCAPASS=$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 13)
echo "[*] Client CA Password is: " $CLTCAPASS
fi
# Generate CA Keys
echo "[+] Generating Server CA Key"
openssl genrsa -passout pass:$SRVCAPASS -aes256 -out $SERVER_PATH/ca.key 4096