|
@@ -110,6 +110,9 @@ ssl-crt-fp() {
|
|
|
done
|
|
|
}
|
|
|
|
|
|
+ssl-crt-info() {
|
|
|
+ openssl x509 -noout -text -in $1
|
|
|
+}
|
|
|
ssl-crt-info() {
|
|
|
openssl x509 -noout -text -in $1
|
|
|
}
|
|
@@ -118,17 +121,37 @@ ssl-csr-info() {
|
|
|
openssl req -noout -text -in $1
|
|
|
}
|
|
|
|
|
|
+ssl-csr-subject() {
|
|
|
+ openssl req -noout -text -in $1 | \
|
|
|
+ sed -r -n 's/^\s+Subject: (.*)/\1/p' | \
|
|
|
+ sed -r 's#(^|, )#/#g'
|
|
|
+}
|
|
|
+
|
|
|
ssl-csr-gen() {
|
|
|
local domain="${1:-mydomain}"
|
|
|
local keysize="${2:-4096}"
|
|
|
local keytype="${3:-rsa}"
|
|
|
local digest="${4:-sha256}"
|
|
|
+ local subject="/C=FR/ST=IDF/L=Paris/O=${domain}/CN=${domain}/emailAddress=admin@${domain}"
|
|
|
+ if [ -n "${CSR_SUBJECT}" ]; then
|
|
|
+ subject="${CSR_SUBJECT}"
|
|
|
+ fi
|
|
|
printf "Generating csr/key for ${domain} with ${keytype}/${keysize} key and ${digest} digest...\n"
|
|
|
openssl req \
|
|
|
- -nodes -${digest} \
|
|
|
+ -subj "${subject}" \
|
|
|
+ -nodes \
|
|
|
+ -${digest} \
|
|
|
-newkey ${keytype}:${keysize} \
|
|
|
-keyout ${domain}.key \
|
|
|
-out ${domain}.csr
|
|
|
+ ssl-csr-info ${domain}.csr
|
|
|
+}
|
|
|
+
|
|
|
+ssl-csr-gen-from() {
|
|
|
+ local oldcsr="${1}"
|
|
|
+ local domain="${2}"
|
|
|
+ local subject="$(ssl-csr-subject "${oldcsr}")"
|
|
|
+ CSR_SUBJECT="$(ssl-csr-subject "${oldcsr}")" ssl-csr-gen "${domain}"
|
|
|
}
|
|
|
|
|
|
#
|