-#!/bin/sh
+#!/bin/bash
HOST="${1}"
CONF="${2:-danet_client.conf}"
perl -e 'print unpack(q(H*),pack(q(NN),time,$$)),qq(\n)' > serial
fi;
openssl ca -config "$TMPDIR"/config -policy policy_anything -keyfile "${ORIGDIR}"/"${CAKEY}" -cert "${ORIGDIR}"/"${CACERT}" \
- -out "$TMPDIR"/"${HOST}".cert -outdir "$TMPDIR" -notext -days 9000 -batch -infiles "${HOST}".req; #> /dev/null 2>&1
+ -out "$TMPDIR"/"${HOST}".cert -outdir "$TMPDIR" -notext -days $(( ( $(date -d 'Tuesday, 18 January 2038' +%s) - $(date +%s) ) / 60 / 60 /24 )) -batch -infiles "${HOST}".req; #> /dev/null 2>&1
chmod a+r "${HOST}".cert
rm -f "${HOST}".req
- ln -sf "${HOST}".cert "${CLIENT_CERT}"
- ln -sf "${HOST}".pem "${CLIENT_KEY}"
+ mv "${HOST}".cert "${CLIENT_CERT}"
+ mv "${HOST}".pem "${CLIENT_KEY}"
)
-cp "${CLIENT_CONF}" "${TMPDIR}"/;
+cp "${CONF}" "${TMPDIR}"/;
+cp "${SERVER_CACERT}" "${TMPDIR}"/;
tar -zcf "${HOST}".tar.gz -C "${TMPDIR}" \
- "${HOST}".cert "${HOST}".pem "${CLIENT_CERT}" "${CLIENT_CONF}" \
+ "${CLIENT_CERT}" "${CONF}" \
"${CLIENT_KEY}" "${SERVER_CACERT}"
rm -rf "${TMPDIR}"
cp ../ccd/__template__ ../ccd/"${HOST}";
+chmod 0644 ../ccd/"${HOST}";
HOST="${HOST}" perl -pi -e 's/HOSTNAME/$ENV{HOST}/g' ../ccd/"${HOST}";