rpms/crypto-utils/devel genkey.pl,1.20,1.21
Elio Maldonado
emaldonado at fedoraproject.org
Sun Oct 19 05:10:40 UTC 2008
Author: emaldonado
Update of /cvs/extras/rpms/crypto-utils/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv19209
Modified Files:
genkey.pl
Log Message:
Added support for CA cert renewal when in openssl compatibilty mode
Index: genkey.pl
===================================================================
RCS file: /cvs/extras/rpms/crypto-utils/devel/genkey.pl,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- genkey.pl 11 Oct 2008 19:43:38 -0000 1.20
+++ genkey.pl 19 Oct 2008 05:10:10 -0000 1.21
@@ -74,7 +74,7 @@
--makeca Generate a self-signed certificate for a CA
--days Days until expiry of self-signed certificate (default 30)
--renew CSR is for cert renewal, reusing existing key pair, openssl certs only
- --isca Renewal is for a CA certificate
+ --cacert Renewal is for a CA certificate, needed for openssl certs only
--nss Use the nss database for keys and certificates
EOH
exit 1;
@@ -124,7 +124,7 @@
my $cert_days = 30;
my $nss ='';
my $renew = '';
-my $isca = '';
+my $cacert = '';
my $modNssDbDir = '';
my $nssNickname = '';
my $nssDBPrefix = '';
@@ -132,7 +132,7 @@
'genreq' => \$genreq_mode,
'days=i' => \$cert_days,
'renew' => \$renew,
- 'isca' => \$isca,
+ 'cacert' => \$cacert,
'nss|n' => \$nss,
'makeca' => \$ca_mode) or usage();
usage() unless @ARGV != 0;
@@ -1124,7 +1124,7 @@
sub renewCertOpenSSL
{
my ($csrfile, # output
- $certfile,$keyfile,$days) = @_;
+ $certfile,$keyfile,$cacert,$days) = @_;
use integer;
my $months = $days ? $days / 30 : 24;
@@ -1135,6 +1135,7 @@
my $args = "--command genreq ";
$args .= "--renew $certfile ";
$args .= "--input $keyfile ";
+ $args .= "--cacert " if $cacert;
$args .= "--validity $months ";
$args .= "--out $csrfile ";
@@ -1362,10 +1363,9 @@
$csrfile,
$certfile, # contains cert to renew
$keyfile, # contains encrypted private key
+ $cacert,
$days);
- ## FIXME don't harcode password - keypwdfile and I
- ## though it was the p12 file pwd
}
}
More information about the fedora-extras-commits
mailing list