summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoe Rayhawk <jrayhawk@omgwallhack.org>2012-04-11 17:24:35 -0700
committerJoe Rayhawk <jrayhawk@omgwallhack.org>2012-04-11 17:24:35 -0700
commit8f24f78fb1882587d6a4bd39ed3c1a4239e00a71 (patch)
treeda994b21c4de15a0523c3b0513dd8dd2c58951f0
parent4afcbf84726868ef35da6aaf7d50a841e6275d95 (diff)
downloadcash-8f24f78fb1882587d6a4bd39ed3c1a4239e00a71.tar.gz
cash-8f24f78fb1882587d6a4bd39ed3c1a4239e00a71.zip
post-sign hook: new
-rw-r--r--README.txt1
-rwxr-xr-xsigncsr.sh9
2 files changed, 8 insertions, 2 deletions
diff --git a/README.txt b/README.txt
index 9b1beab..44732ab 100644
--- a/README.txt
+++ b/README.txt
@@ -8,6 +8,7 @@ edit local.cfg to your liking, run ./genca.sh, then do one of
* generate a signed key and cert with ./gensignedcert certname
* sign an existing CSR with ./signcsr csrfile
+ * ./signcsr will execute, if available, ./post-sign with the DER path as an argument
Updates are available from
diff --git a/signcsr.sh b/signcsr.sh
index b48ad45..157606c 100755
--- a/signcsr.sh
+++ b/signcsr.sh
@@ -39,6 +39,11 @@ if [ -e "$CA"/certs/"$SERIAL".pem ]; then # openssl lacks useful exit status cod
mv -i "$1" "$CA"/signed/$NAME.csr
ln "$CA"/certs/"$SERIAL".pem "$CA"/signed/"$NAME".crt # so we can find the certificate by name as well as serial
openssl x509 -in "$CA"/certs/"$SERIAL".pem -outform DER -out "$CA"/signed/"$NAME".der # Chrome compatible
- echo "* Web: $CA/signed/$NAME.der with Content-type: application/x-x509-user-cert is suggested."
- echo "* Email: use ./mailcert.sh $NAME [emailaddress] to use sendmail to deliver the CA and user certificate as PEM MIME attachments."
+ if [ -x ./post-sign ]; then
+ ./post-sign "$CA"/signed/"$NAME".der
+ else
+ echo "* Web: $CA/signed/$NAME.der with Content-type: application/x-x509-user-cert is suggested."
+ echo "* Email: use ./mailcert.sh $NAME [emailaddress] to use sendmail to deliver the CA and user certificate as PEM MIME attachments."
+ fi
fi
+