# Certgen config file
-# Format: <SGN/CRT/CSR> <domain name> <crt-subject> <alt dns names ","-separated, NOT SPACES!>
-# SGN: use CA in ./ca to sign the new cert.
-# CRT: selfsign the new cert
-# CST: create a csr only.
-
+#
+# Empty lines or lines starting with "#" are ignored.
+#
+# Format: <OPERATION> <Parameters>
+# EXIT <errorcode> <optional: text with spaces to display>
+# CA <CA Name> <Cert Subject>
+# SGN <CN> <Cert Subject> <optional: additional DNS-alt-names ","-separated, NOT SPACES!>
+# This will create a cert and sign with the ca located in ./ca/
+# CRT <CN> <Cert Subject> <optional: additional DNS-alt-names ","-separated, NOT SPACES!>
+# This will create a self signed cert.
+# CSR <CN> <Cert Subject> <optional: additional DNS-alt-names ","-separated, NOT SPACES!>
+# This will create a cert request only.
+#
# For some strange reason the subject line has to start with /emailAddress=...
# Otherwise some weird stuff happens - good job, openssl folks :/
# For failing services ;)
-CRT localhost /emailAddress=root@localhost/OU=CertGen/O=YouFailed;)/
+CRT localhost /emailAddress=root@localhost/OU=CertGen/O=YouFailed;)/ *.loc,loc,l,*.l
+
+# stop certgen here
+EXIT 0 Stop processing here - comment out or delete.
# Setup a CA-system
CA SomeNet /emailAddress=contact@somenet.org/OU=CertGenCA/O=somenet.org/CN=SomeNet/
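Review bot: The new format description never says that fields are separated by whitespace, so `<Cert Subject>` cannot contain spaces any more than the alt-name list can; only the alt names carry the "NOT SPACES!" warning. If the parser splits each line on whitespace (the `read -a certdata` call in the script suggests it does), a subject such as `O=Some Net` would be cut and its remainder taken as the DNS alt names, giving a certificate with SANs nobody intended. Add a line such as `# Fields are separated by whitespace; <CN> and <Cert Subject> must not contain spaces.` A short comment above the `CRT localhost` line saying what the added `*.loc,loc,l,*.l` names are for would also help, since wildcard names on a fallback certificate are easy to copy without understanding their scope.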
cd $MYPWD
read -a certdata <<< "$cdline"
+ if [[ ${certdata[0]} == "EXIT" ]] ; then
+ echo "*** $cdline ***" 1>&2
+ exit ${certdata[1]}
+ fi
+
echo "*** Processing: $(date -Iseconds) - ${certdata[0]} - ${certdata[1]} ***"
if [[ -d "output/${certdata[1]}" ]] ; then
echo "*** ERROR - THIS SEEMS TO ALREADY EXIST ***" 1>&2
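Review bot: `exit ${certdata[1]}` in the added EXIT branch passes the second config field to `exit` unquoted and unchecked. An `EXIT` line with no code expands to a bare `exit`, which returns the status of the preceding `echo` (0), and a non-numeric field makes bash print an error and exit with a status the config author did not write. Check the field first, e.g. `[[ ${certdata[1]} =~ ^[0-9]+$ ]] || { echo "*** EXIT needs a numeric code ***" 1>&2; exit 2; }`, then use `exit "${certdata[1]}"`. The enclosing loop or function starts and ends outside the hunk, so whether blank and `#` lines are skipped before this branch cannot be confirmed from here.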