From 2038ae06b2ce0570da89073e0bee773d5ad7c6cc Mon Sep 17 00:00:00 2001 From: Don Armstrong Date: Thu, 17 Sep 2009 20:06:32 +0000 Subject: [PATCH] add add_openvpn_host --- add_openvpn_host | 56 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 56 insertions(+) create mode 100755 add_openvpn_host diff --git a/add_openvpn_host b/add_openvpn_host new file mode 100755 index 0000000..fbfd7e9 --- /dev/null +++ b/add_openvpn_host @@ -0,0 +1,56 @@ +#!/bin/sh + +HOST="${1}" +CONF="${2:-danet_client.conf}" +CA="${3:-ca}" +CACERT="${CA}.cert" +CAKEY="${CA}.key" + +TMPDIR="$(mktemp -d)" + +CLIENT_CERT=$(awk '/^cert /{print $2}' "$CONF"); +CLIENT_KEY=$(awk '/^key /{print $2}' "$CONF"); +SERVER_CACERT=$(awk '/^ca /{print $2}' "$CONF"); + +umask 0077; + # #>/dev/null 2>&1 +cat -< serial + fi; +) +openssl ca -config "$TMPDIR"/config -policy policy_anything -keyfile "${CAKEY}" -cert "${CACERT}" \ + -out "$TMPDIR"/"${HOST}".cert -outdir "$TMPDIR" -notext -days 9000 -batch -infiles "${HOST}".req; #> /dev/null 2>&1 +( + cd "${TMPDIR}" + chmod a+r "${HOST}".cert + rm -f "${HOST}".req + ln -sf "${HOST}".cert "${CLIENT_CERT}" + ln -sf "${HOST}".pem "${CLIENT_KEY}" +) +cp "${CLIENT_CONF}" "${TMPDIR}"/; + +tar -zcf "${HOST}".tar.gz -C "${TMPDIR}" \ + "${HOST}".cert "${HOST}".pem "${CLIENT_CERT}" "${CLIENT_CONF}" \ + "${CLIENT_KEY}" "${SERVER_CACERT}" +rm -rf "${TMPDIR}" -- 2.39.2