nik/easyrsa
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Workaround older openssl which don't have -ext

Browse Source 
Signed-off-by: Xavier Bachelot <xavier@bachelot.org>
This commit is contained in:
Xavier Bachelot 2019-01-28 16:19:55 +01:00
parent ff87fb1812
commit 9de1173584
Failed to extract signature
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
easyrsa3/easyrsa
View File

@ -1018,8 +1018,8 @@ Renewal not allowed."
# Extract certificate usage from old cert # Extract certificate usage from old cert
cert_ext_key_usage=$( cert_ext_key_usage=$(
"$EASYRSA_OPENSSL" x509 -in "$crt_in" -noout -ext extendedKeyUsage | "$EASYRSA_OPENSSL" x509 -in "$crt_in" -noout -text |
sed -n "2p;n;s/^ *//;p;" sed -n "/X509v3 Extended Key Usage:/{n;s/^ *//g;p;}"
) )
case $cert_ext_key_usage in case $cert_ext_key_usage in
"TLS Web Client Authentication") "TLS Web Client Authentication")
@ -1037,8 +1037,8 @@ Renewal not allowed."
echo "$EASYRSA_EXTRA_EXTS" | grep -q subjectAltName || \ echo "$EASYRSA_EXTRA_EXTS" | grep -q subjectAltName || \
{ {
san=$( san=$(
"$EASYRSA_OPENSSL" x509 -in "$crt_in" -noout -ext subjectAltName | "$EASYRSA_OPENSSL" x509 -in "$crt_in" -noout -text |
sed -n "2p;{n;s/ //g;p;}" sed -n "/X509v3 Subject Alternative Name:/{n;s/ //g;p;}"
) )
export EASYRSA_EXTRA_EXTS="\ export EASYRSA_EXTRA_EXTS="\
$EASYRSA_EXTRA_EXTS $EASYRSA_EXTRA_EXTS