Commit 5c68aa99 authored by Michael Völske's avatar Michael Völske

pki/cert.sh: add O and OU options

parent ed0a44a6
......@@ -27,6 +27,8 @@ if [ "$CMD" == "issue" ]; then
DEFINE_string "root_cn" "" "CN of the root certificate for signing (optional)" "r"
DEFINE_string "type" "client" "Certificate type (client | server | ca)" "t"
DEFINE_string "common_name" "" "Common Name (CN) for the certificate" "c"
DEFINE_string "organization" "Webis" "Organization (O) for the certificate (optional)" "g"
DEFINE_string "organizational_unit" "" "Organizational Unit (OU) for the certificate (optional)" "u"
DEFINE_string "email" "" "E-Mail address for the certificate" "e"
DEFINE_string "csr" "" "CSR file (optional)" "s"
DEFINE_string "out" "" "OpenVPN .ovpn config file to generate (required if --type=client)" "o"
......@@ -136,7 +138,7 @@ generate_key() {
generate_csr() {
logInfo "Generating CSR..."
openssl req -config "$1" -new -key "$3" -out "$4" -reqexts "v3_req_${2}" \
-subj "/C=DE/ST=Thuringia/O=Webis/L=Weimar/CN=${5}/emailAddress=${6}"
-subj "/C=DE/ST=Thuringia/O=${5}/OU=${6}/L=Weimar/CN=${7}/emailAddress=${8}"
}
# Usage: revoke_cert CONF CERT CA_KEY CA_CERT
......@@ -301,7 +303,7 @@ issue() {
cleanup "$MOUNT_DIR"
exit 1
fi
if ! generate_csr "$CONF" "$FLAGS_type" "$KEY" "$CSR" "$FLAGS_common_name" "$FLAGS_email"; then
if ! generate_csr "$CONF" "$FLAGS_type" "$KEY" "$CSR" "$FLAGS_organization" "$FLAGS_organizational_unit" "$FLAGS_common_name" "$FLAGS_email"; then
logError "CSR generation failed!"
cleanup "$MOUNT_DIR"
exit 1
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment