From 961729eed1540a7633f5200c63dcf8650d35c56f Mon Sep 17 00:00:00 2001 From: Soispha Date: Tue, 7 Nov 2023 16:44:08 +0100 Subject: fix(system/services/taskserver/certs): Move cert generation to script This fully removes the human-factor and allows it to just run `./generate` to generate all required certificates and keys (with the needed extra keys and certificates) --- system/services/taskserver/certs/generate.client | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'system/services/taskserver/certs/generate.client') diff --git a/system/services/taskserver/certs/generate.client b/system/services/taskserver/certs/generate.client index 976cb82..4f0e503 100755 --- a/system/services/taskserver/certs/generate.client +++ b/system/services/taskserver/certs/generate.client @@ -16,21 +16,21 @@ then NAME=$1 fi -if ! [ -f ${NAME}.key.pem ] +if ! [ -f "$NAME".key.pem ] then # Create a client key. $CERTTOOL \ --generate-privkey \ --sec-param $SEC_PARAM \ - --outfile ${NAME}.key.pem + --outfile "$NAME".key.pem fi -chmod 600 ${NAME}.key.pem +chmod 600 "$NAME".key.pem -if ! [ -f ${NAME}.template ] +if ! [ -f "$NAME".template ] then # Sign a client cert with the key. - cat <${NAME}.template + cat <"$NAME".template organization = $ORGANIZATION cn = $CN expiration_days = $EXPIRATION_DAYS @@ -40,15 +40,15 @@ signing_key EOF fi -if ! [ -f ${NAME}.cert.pem ] || [ ${NAME}.template -nt ${NAME}.cert.pem ] +if ! [ -f "$NAME".cert.pem ] then $CERTTOOL \ --generate-certificate \ - --load-privkey ${NAME}.key.pem \ + --load-privkey "$NAME".key.pem \ --load-ca-certificate ca.cert.pem \ --load-ca-privkey ca.key.pem \ - --template ${NAME}.template \ - --outfile ${NAME}.cert.pem + --template "$NAME".template \ + --outfile "$NAME".cert.pem fi -chmod 600 ${NAME}.cert.pem +chmod 600 "$NAME".cert.pem -- cgit 1.4.1