set C(ca-period) 3650
set C(archive-interval) 32
+## The update hook function.
+proc update-hook {} {
+ ## Called by `bin/update': might publish data to a web server, for example.
+}
+
## Read the user configuration.
if {[file exists "$CERTROOT/etc/config.tcl"]} {
source "$CERTROOT/etc/config.tcl"
proc req-key-hash {file} {
## Return the key hash from the certificate request in FILE.
- return [exec \
+ return [lindex [exec \
openssl req -in $file -noout -pubkey | \
openssl rsa 2>/dev/null -pubin -outform der | \
- openssl dgst -sha256 -hex]
+ openssl dgst -sha256 -hex] end]
}
proc req-dn {file} {
proc cert-key-hash {file} {
## Return the key hash from the certificate in FILE.
- return [exec \
+ return [lindex [exec \
openssl x509 -in $file -noout -pubkey | \
openssl rsa 2>/dev/null -pubin -outform der | \
- openssl dgst -sha256 -hex]
+ openssl dgst -sha256 -hex] end]
}
proc cert-dn {file} {