~mdw
/
ca
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
bin/make-ca-key, lib/func.sh: Make user and group names configurable.
[ca]
/
bin
/
make-ca-key
diff --git
a/bin/make-ca-key
b/bin/make-ca-key
index
bb3f83b
..
d24a902
100755
(executable)
--- a/
bin/make-ca-key
+++ b/
bin/make-ca-key
@@
-3,6
+3,7
@@
set -e
certroot=$(cd ${0%/*}/..; pwd)
cd "$certroot"
set -e
certroot=$(cd ${0%/*}/..; pwd)
cd "$certroot"
+. lib/func.sh
umask 022
## Archive any existing CA.
umask 022
## Archive any existing CA.
@@
-27,7
+28,7
@@
rm -f ca.cert distorted.crl
## Build a new one.
mkdir -m750 private
mkdir -m775 certs crls index index/byhash index/byserial state tmp
## Build a new one.
mkdir -m750 private
mkdir -m775 certs crls index index/byhash index/byserial state tmp
-chown
root:ca
certs crls index index/byhash index/byserial private state tmp
+chown
$ca_owner:$ca_group
certs crls index index/byhash index/byserial private state tmp
touch state/db
echo 01 >state/serial
echo 01 >state/crlnumber
touch state/db
echo 01 >state/serial
echo 01 >state/crlnumber
@@
-41,5
+42,5
@@
umask 027
openssl req -new -config openssl.conf -x509 -days 3650 \
-out ca.cert -keyout private/ca.key \
-subj "$subject"
openssl req -new -config openssl.conf -x509 -days 3650 \
-out ca.cert -keyout private/ca.key \
-subj "$subject"
-chown
root:ca
private/ca.key
+chown
$ca_owner:$ca_group
private/ca.key
chmod 644 ca.cert
chmod 644 ca.cert