nik/easyrsa
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Command renew: Require CSR as input file and refactor verification

Browse Source 
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
This commit is contained in:
Richard T Bonhomme 2022-12-17 21:51:39 +00:00
parent b4dc2ad0ea
commit 4c8a4e8765
No known key found for this signature in database
GPG Key ID: 2D767DB92FB6C246
1 changed files with 15 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
easyrsa3/easyrsa
View File

@ -2183,21 +2183,26 @@ Option 'nopass' is not supported by command 'renew'."
shift shift
done done
# referenced cert must exist:
[ -f "$crt_in" ] || die "\
Unable to renew as no certificate was found. Certificate was expected
at: $crt_in"
# Verify certificate # Verify certificate
verify_file x509 "$crt_in" || die "\ if [ -f "$crt_in" ]; then
Unable to renew as the input file is not a valid certificate. Unexpected verify_file x509 "$crt_in" || die "\
input in file: $crt_in" Input file is not a valid certificate:
* $crt_in"
else
die "\
Missing certificate file:
* $crt_in"
fi
# Verify request # Verify request
if [ -e "$req_in" ]; then if [ -e "$req_in" ]; then
verify_file req "$req_in" || die "\ verify_file req "$req_in" || die "\
Unable to verify request. The file is not a valid request. Input file is not a valid request:
Unexpected input in file: $req_in" * $req_in"
else
die "\
Missing request file:
* $req_in"
fi fi
# get the serial number of the certificate # get the serial number of the certificate