xCAT/xcat-core
2
0
Fork 0
mirror of https://github.com/xcat2/xcat-core.git synced 2025-11-03 21:02:34 +00:00
Code Issues Releases Wiki Activity
Files
017b8a8c3e237a38c221eedddfa75af39b03448a
xcat-core/xCAT-server/share/xcat/scripts/setup-xcat-ca.sh
lissav e850c050ef defect 4064
2014-04-15 10:02:17 -04:00

39 lines
1.2 KiB
Bash
Executable File
Raw Blame History

#XCATDIR=`gettab key=xcatconfdir site.value`
# IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html
if [ -z "$XCATROOT" ]; then
XCATROOT=/opt/xcat
fi
if [ -z "$XCATDIR" ]; then
XCATDIR=/etc/xcat
fi
if [ -z "$1" ]; then
echo "Usage: $0 <CA name>"
exit 1
fi
CNA="$*"
XCATCADIR=$XCATDIR/ca
if [ -e $XCATDIR/ca ]; then
echo -n "Existing xCAT certificate authority detected at $XCATDIR/ca, delete? (y/n):"
read ANSWER
if [ $ANSWER != 'y' ]; then
echo "Aborting install at user request"
exit 0;
fi
rm -rf $XCATDIR/ca
mkdir -p $XCATDIR/ca
else
mkdir -p $XCATDIR/ca
fi
sed -e "s@##XCATCADIR##@$XCATCADIR@" $XCATROOT/share/xcat/ca/openssl.cnf.tmpl > $XCATCADIR/openssl.cnf
cp $XCATROOT/share/xcat/ca/Makefile $XCATCADIR/
cd $XCATCADIR
make init
#openssl req -nodes -config openssl.cnf -days 7300 -x509 -newkey rsa:2048 -out ca-cert.pem -extensions v3_ca -outform PEM -subj /CN="$CNA"
openssl genrsa -out private/ca-key.pem 2048
chmod 600 private/ca-key.pem
openssl req -new -key private/ca-key.pem -config openssl.cnf -out ca-req.csr -subj /CN="$CNA" -outform PEM
openssl ca -selfsign -keyfile private/ca-key.pem -in ca-req.csr -startdate 700101010101Z -days 7305 -extensions v3_ca -config openssl.cnf -out ca-cert.pem
cd -
Reference in New Issue View Git Blame Copy Permalink