Backdate SSL certificates by default for 'startDate'

This commit is contained in:
Jarrod Johnson 2014-04-11 13:26:31 -04:00
parent dd90516371
commit c1e873d37f
2 changed files with 3 additions and 3 deletions

View File

@ -46,7 +46,7 @@ fi
# remove user from index
index=`grep $CNA /etc/xcat/ca/index | cut -f4 2>&1`
for id in $index; do
openssl ca -config /etc/xcat/ca/openssl.cnf -revoke /etc/xcat/ca/certs/$id.pem
openssl ca -startdate 19600101010101Z -config /etc/xcat/ca/openssl.cnf -revoke /etc/xcat/ca/certs/$id.pem
done
mkdir -p $USERHOME/.xcat
cd $USERHOME/.xcat
@ -60,7 +60,7 @@ cd $XCATDIR/ca
# - seems to be a problem with the use of the wildcard in the Makefile
# - calling cmds directly instead - should be safe
# make sign
openssl ca -config openssl.cnf -in root.csr -out root.cert
openssl ca -startdate 19600101010101Z -config openssl.cnf -in root.csr -out root.cert
if [ -f root.cert ]; then
rm root.csr
fi

View File

@ -33,7 +33,7 @@ cd $XCATDIR/ca
# - call cmds directly instead - seems safe
# make sign
openssl ca -config openssl.cnf -in `hostname`.csr -out `hostname`.cert -extensions server
openssl ca -startdate 19600101010101Z -config openssl.cnf -in `hostname`.csr -out `hostname`.cert -extensions server
if [ -f `hostname`.cert ]; then
rm `hostname`.csr
fi