nik/easyrsa
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'master' of https://github.com/TinCanTech/easy-rsa into TinCanTech-master

Browse Source
This commit is contained in:
Eric F Crist 2019-04-18 06:46:19 -05:00
commit 80e09e6bdc
No known key found for this signature in database
GPG Key ID: 72964219390D0D0E
1 changed files with 1 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
easyrsa3/easyrsa
View File

@ -383,7 +383,7 @@ verify_ssl_lib () {
val="$("$EASYRSA_OPENSSL" version)"
case "${val%% *}" in
OpenSSL|LibreSSL)
notice "\
print "\
Using SSL: $EASYRSA_OPENSSL $("$EASYRSA_OPENSSL" version)" ;;
*) die "\
Missing or invalid OpenSSL
@ -581,9 +581,6 @@ current CA keypair. If you intended to start a new CA, run init-pki first."
"$EASYRSA_OPENSSL" ec -out "$out_key_tmp" $crypto_opts
fi
# make safessl-easyrsa.cnf
make_ssl_config
# create the CA keypair:
[ ! $nopass ] && crypto_opts="-passin file:$out_key_pass_tmp"
#shellcheck disable=SC2086
@ -679,9 +676,6 @@ $EASYRSA_EXTRA_EXTS"
EASYRSA_SSL_CONF="$EASYRSA_TEMP_CONF"
fi
# make safessl-easyrsa.cnf
make_ssl_config
key_out_tmp="$(mktemp "$key_out.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_2="$key_out_tmp"
req_out_tmp="$(mktemp "$req_out.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_3="$req_out_tmp"
# generate request
@ -799,9 +793,6 @@ $(display_dn req "$req_in")
Failed to create temp extension file (bad permissions?) at:
$EASYRSA_TEMP_EXT"
# make safessl-easyrsa.cnf
make_ssl_config
# sign request
# shellcheck disable=SC2086
crt_out_tmp="$(mktemp "$crt_out.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_2="$crt_out_tmp"
@ -890,9 +881,6 @@ $(display_dn x509 "$crt_in")
Unable to revoke as no certificate was found. Certificate was expected
at: $crt_in"
# make safessl-easyrsa.cnf
make_ssl_config
# shellcheck disable=SC2086
"$EASYRSA_OPENSSL" ca -utf8 -revoke "$crt_in" -config "$EASYRSA_SAFE_CONF" $opts || die "\
Failed to revoke certificate: revocation command failed."
@ -1007,9 +995,6 @@ $(display_dn x509 "$crt_in")
Unable to renew as no certificate was found. Certificate was expected
at: $crt_in"
# make safessl-easyrsa.cnf
make_ssl_config
# Check if old cert is expired or expires within 30 days
expire_date=$(
"$EASYRSA_OPENSSL" x509 -in "$crt_in" -noout -enddate |
@ -1149,9 +1134,6 @@ input in file: $req_in"
gen_crl() {
verify_ca_init
# make safessl-easyrsa.cnf
make_ssl_config
out_file="$EASYRSA_PKI/crl.pem"
out_file_tmp="$(mktemp "$out_file.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_2="$out_file_tmp"
"$EASYRSA_OPENSSL" ca -utf8 -gencrl -out "$out_file_tmp" -config "$EASYRSA_SAFE_CONF" || die "\