[asterisk-commits] jrose: trunk r375328 - in /trunk: ./ contrib/scripts/ast_tls_cert
SVN commits to the Asterisk project
asterisk-commits at lists.digium.com
Tue Oct 23 11:22:47 CDT 2012
Author: jrose
Date: Tue Oct 23 11:22:44 2012
New Revision: 375328
URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=375328
Log:
ast_tls_cert script: Better response for various exit conditions to openssl
(closes issue ASTERISK-20260)
Reported by: Daniel O'Connor
Patches:
ast_tls_cert-update.diff uploaded by Daniel O'Connor (license 6419)
........
Merged revisions 375325 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 375326 from http://svn.asterisk.org/svn/asterisk/branches/10
........
Merged revisions 375327 from http://svn.asterisk.org/svn/asterisk/branches/11
Modified:
trunk/ (props changed)
trunk/contrib/scripts/ast_tls_cert
Propchange: trunk/
------------------------------------------------------------------------------
Binary property 'branch-11-merged' - no diff available.
Modified: trunk/contrib/scripts/ast_tls_cert
URL: http://svnview.digium.com/svn/asterisk/trunk/contrib/scripts/ast_tls_cert?view=diff&rev=375328&r1=375327&r2=375328
==============================================================================
--- trunk/contrib/scripts/ast_tls_cert (original)
+++ trunk/contrib/scripts/ast_tls_cert Tue Oct 23 11:22:44 2012
@@ -30,20 +30,45 @@
}
create_ca () {
- echo "Creating ${CAKEY}"
+ echo "Creating CA key ${CAKEY}"
openssl genrsa -des3 -out ${CAKEY} 4096 > /dev/null
- echo "Creating ${CACERT}"
+ if [ $? -ne 0 ];
+ then
+ echo "Failed"
+ exit 1
+ fi
+ echo "Creating CA certificate ${CACERT}"
openssl req -new -config ${CACFG} -x509 -days 365 -key ${CAKEY} -out ${CACERT} > /dev/null
+ if [ $? -ne 0 ];
+ then
+ echo "Failed"
+ exit 1
+ fi
}
create_cert () {
local base=${OUTPUT_DIR}/${OUTPUT_BASE}
- echo "Creating ${base}.key"
+ echo "Creating certificate ${base}.key"
openssl genrsa -out ${base}.key 1024 > /dev/null
- echo "Creating signing request"
+ if [ $? -ne 0 ];
+ then
+ echo "Failed"
+ exit 1
+ fi
+ echo "Creating signing request ${base}.csr"
openssl req -batch -new -config ${CONFIG_FILE} -key ${base}.key -out ${base}.csr > /dev/null
- echo "Creating ${base}.crt"
+ if [ $? -ne 0 ];
+ then
+ echo "Failed"
+ exit 1
+ fi
+ echo "Creating certificate ${base}.crt"
openssl x509 -req -days 365 -in ${base}.csr -CA ${CACERT} -CAkey ${CAKEY} -set_serial 01 -out ${base}.crt > /dev/null
+ if [ $? -ne 0 ];
+ then
+ echo "Failed"
+ exit 1
+ fi
echo "Combining key and crt into ${base}.pem"
cat ${base}.key > ${base}.pem
cat ${base}.crt >> ${base}.pem
@@ -181,6 +206,12 @@
CACFG=${OUTPUT_DIR}/ca.cfg
create_config ca "${CACFG}" "${DEFAULT_CA_CN}" "${DEFAULT_CA_ORG}"
create_ca
+else
+ if [ -z ${CAKEY} ]
+ then
+ echo "-k must be specified if -c is"
+ exit 1
+ fi
fi
create_cert
More information about the asterisk-commits
mailing list