diff options
author | Joe Rayhawk <jrayhawk@omgwallhack.org> | 2012-04-11 17:24:35 -0700 |
---|---|---|
committer | Joe Rayhawk <jrayhawk@omgwallhack.org> | 2012-04-11 17:24:35 -0700 |
commit | 8f24f78fb1882587d6a4bd39ed3c1a4239e00a71 (patch) | |
tree | da994b21c4de15a0523c3b0513dd8dd2c58951f0 | |
parent | 4afcbf84726868ef35da6aaf7d50a841e6275d95 (diff) | |
download | cash-8f24f78fb1882587d6a4bd39ed3c1a4239e00a71.tar.gz cash-8f24f78fb1882587d6a4bd39ed3c1a4239e00a71.zip |
post-sign hook: new
-rw-r--r-- | README.txt | 1 | ||||
-rwxr-xr-x | signcsr.sh | 9 |
2 files changed, 8 insertions, 2 deletions
@@ -8,6 +8,7 @@ edit local.cfg to your liking, run ./genca.sh, then do one of * generate a signed key and cert with ./gensignedcert certname * sign an existing CSR with ./signcsr csrfile + * ./signcsr will execute, if available, ./post-sign with the DER path as an argument Updates are available from @@ -39,6 +39,11 @@ if [ -e "$CA"/certs/"$SERIAL".pem ]; then # openssl lacks useful exit status cod mv -i "$1" "$CA"/signed/$NAME.csr ln "$CA"/certs/"$SERIAL".pem "$CA"/signed/"$NAME".crt # so we can find the certificate by name as well as serial openssl x509 -in "$CA"/certs/"$SERIAL".pem -outform DER -out "$CA"/signed/"$NAME".der # Chrome compatible - echo "* Web: $CA/signed/$NAME.der with Content-type: application/x-x509-user-cert is suggested." - echo "* Email: use ./mailcert.sh $NAME [emailaddress] to use sendmail to deliver the CA and user certificate as PEM MIME attachments." + if [ -x ./post-sign ]; then + ./post-sign "$CA"/signed/"$NAME".der + else + echo "* Web: $CA/signed/$NAME.der with Content-type: application/x-x509-user-cert is suggested." + echo "* Email: use ./mailcert.sh $NAME [emailaddress] to use sendmail to deliver the CA and user certificate as PEM MIME attachments." + fi fi + |