53 lines
1.4 KiB
Django/Jinja
53 lines
1.4 KiB
Django/Jinja
#!/bin/bash
|
|
|
|
_retval=
|
|
|
|
host_arg=
|
|
if [ $# -ne 1 ] ; then
|
|
echo "You need to pass just one argument: the full hostname for wich the certificate is required"
|
|
exit 1
|
|
else
|
|
host_arg="$1"
|
|
fi
|
|
|
|
easy_rsa_base_dir={{ easy_rsa_pki_basedir }}
|
|
easy_rsa_issued_dir="${easy_rsa_base_dir}/pki/issued"
|
|
easy_rsa_keys_dir="${easy_rsa_base_dir}/pki/private"
|
|
easy_rsa_reqs_dir="${easy_rsa_base_dir}/pki/reqs"
|
|
easy_vars_file="${easy_rsa_base_dir}/vars"
|
|
if [ -f "${easy_vars_file}.tmpl" ] ; then
|
|
echo "There's a template file ${easy_vars_file}.tmpl present. Check that nothing wrong happened, then remove it before proceeding."
|
|
exit 1
|
|
fi
|
|
|
|
if [ -f "${easy_rsa_issued_dir}/${host_arg}.crt" ] ; then
|
|
echo ""
|
|
echo "A certificate already exists"
|
|
echo "If you want to renew it, then use the command renew-client-host-certificate"
|
|
echo ""
|
|
exit 1
|
|
fi
|
|
|
|
echo ""
|
|
echo "Starting the creation of a client host certificate."
|
|
echo ""
|
|
|
|
cd "$easy_rsa_base_dir"
|
|
./easyrsa build-client-full "$host_arg" nopass
|
|
retval=$?
|
|
|
|
if [ $retval -eq 0 ] ; then
|
|
echo ""
|
|
echo "Done."
|
|
echo "The certificate file is ${easy_rsa_issued_dir}/${host_arg}.crt"
|
|
echo "The private key file is ${easy_rsa_keys_dir}/${host_arg}.key"
|
|
echo ""
|
|
echo "Remember that the key of the host certificates do not passphrase protected"
|
|
else
|
|
echo ""
|
|
echo "Something went wrong, the certificate creation failed"
|
|
echo ""
|
|
fi
|
|
|
|
exit 0
|