Slightly dubious certreq adjustments.
[utils.git] / certreq
CommitLineData
f2571f84
FT
1#!/bin/bash
2
f3768fd2
FT
3commajoin() {
4 f=y
5 for arg in "$@"; do
6 if [ -z "$f" ]; then echo -n ,; fi
7 echo -n "$arg"
8 f=
9 done
10}
11
f2571f84
FT
12usage() {
13 echo "usage: certreq [-h] [-a ALTNAMES] SUBJECT KEYFILE"
14 echo ' SUBJECT is of the form `/PART1=VALUE1/PART2=VALUE2/...'\'
15 echo ' ALTNAMES is of the form `DNS:name1,DNS:name,...'\'
16}
17
18declare -A reqexts config
19while getopts ha: OPT; do
20 case "$OPT" in
21 h)
22 usage
23 exit 0
24 ;;
25 a)
26 reqexts[SAN]=1
27 config[SAN]=1
28 config_SAN=("${config_SAN[@]}" "subjectAltName=$OPTARG")
29 ;;
30 esac
31done
32shift $((OPTIND - 1))
33if [ $# -lt 2 ]; then
34 usage >&2
35 exit 1
36fi
37
38args=(openssl req -new)
39if [ -n "${!reqexts[*]}" ]; then
f3768fd2
FT
40 for reqext in "${!reqexts[@]}"; do
41 args=("${args[@]}" -reqexts "$reqext")
42 done
f2571f84
FT
43fi
44if [ -n "${!config[*]}" ]; then
45 confpath="$(mktemp /tmp/certreq-XXXXXX)"
46 cat /etc/ssl/openssl.cnf >>"$confpath"
47 for section in "${!config[@]}"; do
48 echo "[${section}]" >>"$confpath"
49 var="config_${section}[@]"
50 for confopt in "${!var}"; do
51 echo "$confopt" >>"$confpath"
52 done
53 echo >>"$confpath"
54 done
55 trap 'rm -f "$confpath"' EXIT
56 args=("${args[@]}" -config "$confpath")
57fi
58args=("${args[@]}" -subj "$1" -key "$2")
59
60"${args[@]}"