From 9f1ba206a6e5fb68680934b244f1a9377e894682 Mon Sep 17 00:00:00 2001 From: Joe Rayhawk Date: Thu, 8 Dec 2011 01:40:11 -0800 Subject: Adding spkac support --- signcsr.sh | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'signcsr.sh') diff --git a/signcsr.sh b/signcsr.sh index 5684f6a..ca50b22 100755 --- a/signcsr.sh +++ b/signcsr.sh @@ -28,7 +28,13 @@ fi # Gen signed key mkdir -pv "$CA"/signed "$CA"/temp "$CA"/certs SERIAL=$(cat "$CA"/ca/"$CA".serial) -openssl ca -config "$OPENSSL_CONFIG" -in "$1" + +if [[ "$1" =~ \.spkac$ ]]; then # SPKAC HTML5 standard + openssl ca -config "$OPENSSL_CONFIG" -spkac "$1" -notext +else # x509 CSR + openssl ca -config "$OPENSSL_CONFIG" -in "$1" +fi + if [ -e "$CA"/certs/"$SERIAL".pem ]; then # openssl lacks useful exit status codes, so we check to see if it actually did anything instead. mv -i "$1" "$CA"/signed/$NAME.csr ln "$CA"/certs/"$SERIAL".pem "$CA"/signed/"$NAME".crt # so we can find the certificate by name as well as serial -- cgit v1.2.3