Subversion Repositories configs

Rev

Details | Last modification | View Log | RSS feed

Rev Author Line No. Line
165 - 1 
#!/bin/sh
2 
 
3 
# revoke a certificate, regenerate CRL,
4 
# and verify revocation
5 
 
6 
CRL="crl.pem"
7 
RT="revoke-test.pem"
8 
 
9 
if [ $# -ne 1 ]; then
10 
    echo "usage: revoke-full <cert-name-base>";
11 
    exit 1
12 
fi
13 
 
14 
if [ "$KEY_DIR" ]; then
15 
    cd "$KEY_DIR"
16 
    rm -f "$RT"
17 
 
18 
    # set defaults
19 
    export KEY_CN=""
20 
    export KEY_OU=""
21 
    export KEY_NAME=""
22 
 
23 
    # revoke key and generate a new CRL
24 
    $OPENSSL ca -revoke "$1.crt" -config "$KEY_CONFIG"
25 
 
26 
    # generate a new CRL -- try to be compatible with
27 
    # intermediate PKIs
28 
    $OPENSSL ca -gencrl -out "$CRL" -config "$KEY_CONFIG"
29 
    if [ -e export-ca.crt ]; then
30 
	cat export-ca.crt "$CRL" >"$RT"
31 
    else
32 
	cat ca.crt "$CRL" >"$RT"
33 
    fi
34 
 
35 
    # verify the revocation
36 
    $OPENSSL verify -CAfile "$RT" -crl_check "$1.crt"
37 
else
38 
    echo 'Please source the vars script first (i.e. "source ./vars")'
39 
    echo 'Make sure you have edited it to reflect your configuration.'
40 
fi