diff options
| author | Joe Rayhawk <jrayhawk@omgwallhack.org> | 2011-03-29 13:51:04 -0700 |
|---|---|---|
| committer | Joe Rayhawk <jrayhawk@omgwallhack.org> | 2011-03-29 13:51:04 -0700 |
| commit | 592c2e5f0d0ae4aaf67e4d0e9f61a4bd41971a67 (patch) | |
| tree | 95874b497662380f139a91ebce8cb894c8d6f8d2 /signcsr.sh | |
| parent | e27399a70c004ee3bf5908edadb4c6c9893dad9c (diff) | |
| download | cash-592c2e5f0d0ae4aaf67e4d0e9f61a4bd41971a67.tar.gz cash-592c2e5f0d0ae4aaf67e4d0e9f61a4bd41971a67.zip | |
Be more robust in the face of dumb users.
Diffstat (limited to 'signcsr.sh')
| -rwxr-xr-x | signcsr.sh | 9 |
1 files changed, 5 insertions, 4 deletions
@@ -20,16 +20,17 @@ if [[ "$1" =~ (.+/|())(.+) ]]; then # strip leading directories, if they exist echo Using "$NAME" as cert name. fi -if [ $2 ]; then - export CA=$2 +if [ -e "$CA"/signed/"$NAME".crt ]; then + echo "$CA/signed/$NAME.crt" already exists! + exit 3 fi - + # Gen signed key mkdir -pv "$CA"/signed "$CA"/temp "$CA"/certs SERIAL=$(cat "$CA"/ca/"$CA".serial) openssl ca -config "$OPENSSL_CONFIG" -in "$1" if [ -e "$CA"/certs/"$SERIAL".pem ]; then # openssl lacks useful exit status codes, so we check to see if it actually did anything instead. mv -i "$1" "$CA"/signed/$NAME.csr - ln "$CA"/certs/"$SERIAL".pem "$CA"/signed/"$1".crt # so we can find the certificate by name as well as serial + ln "$CA"/certs/"$SERIAL".pem "$CA"/signed/"$NAME".crt # so we can find the certificate by name as well as serial echo "Use ./mailcert.sh $NAME [emailaddress] to use sendmail to deliver the CA and user certificate." fi |