Commit a97fc63e authored by Janek Bevendorff's avatar Janek Bevendorff

Only increment filename and not CN if certificate exists

parent 2ad7d712
......@@ -32,7 +32,7 @@ if [ "$CMD" == "issue" ]; then
DEFINE_string "organizational_unit" "" "Organizational Unit (OU) for the certificate (optional)" "u"
DEFINE_string "email" "" "E-Mail address for the certificate" "e"
DEFINE_boolean "no_password" false "Do not encrypt private key" "n"
DEFINE_boolean "overwrite" false "Overwrite existing certificates instead of incrementing CN" "x"
DEFINE_boolean "overwrite" false "Overwrite existing certificates instead of incrementing filename (use with caution!)" "x"
DEFINE_string "csr" "" "CSR file (optional)" "i"
DEFINE_string "out" "/dev/stdout" "OpenVPN .ovpn config file to generate (optional)" "o"
elif [ "$CMD" == "revoke" ]; then
......@@ -306,19 +306,20 @@ issue() {
DELETE_KEY=false
DELETE_CSR=false
CERT="${MOUNT_DIR}/${FLAGS_type}/${FLAGS_common_name}.crt"
local cert_filename="$FLAGS_common_name"
CERT="${MOUNT_DIR}/${FLAGS_type}/${cert_filename}.crt"
local counter_suffix=0
while [ $FLAGS_overwrite -eq 1 ] && [ -f "$CERT" ]; do
counter_suffix=$(($counter_suffix + 1))
CERT="${MOUNT_DIR}/${FLAGS_type}/${FLAGS_common_name}_${counter_suffix}.crt"
CERT="${MOUNT_DIR}/${FLAGS_type}/${cert_filename}_${counter_suffix}.crt"
done
if [ $counter_suffix -gt 0 ]; then
logWarn "Certificate file '${FLAGS_type}/${FLAGS_common_name}.crt' already exists, incrementing CN to ${counter_suffix}!"
export FLAGS_common_name="${FLAGS_common_name}_${counter_suffix}"
logWarn "Certificate file '${FLAGS_type}/${cert_filename}.crt' already exists, saving as '${FLAGS_type}/${cert_filename}_${counter_suffix}.crt'."
cert_filename="${cert_filename}_${counter_suffix}"
fi
if [ "$CSR" == "" ] || [ ! -f "$CSR" ]; then
KEY="${MOUNT_DIR}/${FLAGS_type}/${FLAGS_common_name}.pem"
KEY="${MOUNT_DIR}/${FLAGS_type}/${cert_filename}.pem"
if [ $FLAGS_overwrite -eq 1 ] && [ -f "$KEY" ]; then
logError "Key file ${KEY} already exists!"
cleanup "$MOUNT_DIR"
......@@ -326,7 +327,7 @@ issue() {
fi
generate_key "$KEY" "$BITS"
CSR="${MOUNT_DIR}/${FLAGS_type}/${FLAGS_common_name}.csr"
CSR="${MOUNT_DIR}/${FLAGS_type}/${cert_filename}.csr"
if [ $FLAGS_overwrite -eq 1 ] && [ -f "$CSR" ]; then
logError "CSR file ${CSR} already exists!"
cleanup "$MOUNT_DIR"
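Review bot: After the suffix loop in issue(), `name.crt` and `name_1.crt` are now issued with the same CN, because only `cert_filename` is incremented and `FLAGS_common_name` is left as given. If the revoke path (not visible in these hunks) looks a certificate up by common name or by `<type>/<CN>.crt`, revoking `name` would leave the suffixed certificate valid, so it is worth confirming that revoke can target a file name or serial. The warning could say so explicitly, e.g. `logWarn "CN '${FLAGS_common_name}' is now used by more than one certificate; each must be revoked separately."`. Separately, unless the CN is validated before this hunk, `cert_filename` is still the raw flag value, so a `/` in it ends up in the `CERT`, `KEY` and `CSR` paths; now that file name and CN are decoupled it can be sanitised at assignment without changing the certificate subject, e.g. `local cert_filename="${FLAGS_common_name//[^A-Za-z0-9._-]/_}"` if the script runs under bash. issue() starts and ends outside the hunks shown.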
......