nik/easyrsa
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Mergeing from solidgoldbomg for #118

Browse Source 
Merge branch 'add-show-ca-command' of
   https://github.com/solidgoldbomb/easy-rsa
   into solidgoldbomb-add-show-ca-command
This commit is contained in:
Eric F Crist 2018-12-11 20:04:05 -06:00
commit 14a5dc8a7a
No known key found for this signature in database
GPG Key ID: 72964219390D0D0E
1 changed files with 47 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
easyrsa3/easyrsa
View File

@ -38,6 +38,7 @@ Here is the list of commands available with a short syntax reminder. Use the
update-db update-db
show-req <filename_base> [ cmd-opts ] show-req <filename_base> [ cmd-opts ]
show-cert <filename_base> [ cmd-opts ] show-cert <filename_base> [ cmd-opts ]
show-ca [ cmd-opts ]
import-req <request_file_path> <short_basename> import-req <request_file_path> <short_basename>
export-p7 <filename_base> [ cmd-opts ] export-p7 <filename_base> [ cmd-opts ]
export-p12 <filename_base> [ cmd-opts ] export-p12 <filename_base> [ cmd-opts ]
@ -117,6 +118,13 @@ cmd_help() {
showing a request." showing a request."
opts=" opts="
full - show full req/cert info, including pubkey/sig data" ;; full - show full req/cert info, including pubkey/sig data" ;;
show-ca) text="
show-ca [ cmd-opts ]
Shows details of the CA cert
Human-readable output is shown."
opts="
full - show full cert info, including pubkey/sig data" ;;
import-req) text=" import-req) text="
import-req <request_file_path> <short_basename> import-req <request_file_path> <short_basename>
Import a certificate request from a file Import a certificate request from a file
@ -1132,6 +1140,42 @@ $in_file
OpenSSL failure to process the input" OpenSSL failure to process the input"
} # => show() } # => show()
# show-ca command backend
# Prints CA cert details in a readable format
show_ca() {
# opts support
local opts="-certopt no_pubkey,no_sigdump"
while [ -n "$1" ]; do
case "$1" in
full) opts= ;;
*) warn "Ignoring unknown command option: '$1'" ;;
esac
shift
done
verify_ca_init
in_file="$EASYRSA_PKI/ca.crt"
format="x509"
# Verify file exists and is of the correct type
[ -f "$in_file" ] || die "\
No such $type file with a basename of '$name' is present.
Expected to find this file at:
$in_file"
verify_file $format "$in_file" || die "\
This file is not a valid $type file:
$in_file"
notice "\
Showing $type details for 'ca'.
This file is stored at:
$in_file
"
"$EASYRSA_OPENSSL" $format -in "$in_file" -noout -text\
-nameopt multiline $opts || die "\
OpenSSL failure to process the input"
} # => show_ca()
# vars setup # vars setup
# Here sourcing of 'vars' if present occurs. If not present, defaults are used # Here sourcing of 'vars' if present occurs. If not present, defaults are used
# to support running without a sourced config format # to support running without a sourced config format
@ -1377,6 +1421,9 @@ case "$cmd" in
show-cert) show-cert)
show cert "$@" show cert "$@"
;; ;;
show-ca)
show_ca "$@"
;;
""|help|-h|--help|--usage) ""|help|-h|--help|--usage)
cmd_help "$1" cmd_help "$1"
exit 0 exit 0