build_key-pass.sh, create_key_config.sh: fix error printing out Key CN.
parent
0a8856aa4e
commit
133df46c7b
@ -279,9 +279,10 @@ if [ -z "$NEW_KEY_NAME" ]; then
|
|||||||
done
|
done
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
_CLIENT_CN="${KEY_CN}-${NEW_KEY_NAME}"
|
||||||
if $EASYRSA_LAYOUT_NEW ; then
|
if $EASYRSA_LAYOUT_NEW ; then
|
||||||
_CLIENT_CERT="${OPENVPN_KEY_DIR}/issued/${KEY_CN}-${NEW_KEY_NAME}.crt"
|
_CLIENT_CERT="${OPENVPN_KEY_DIR}/issued/${_CLIENT_CN}.crt"
|
||||||
_CLIENT_KEY="${OPENVPN_KEY_DIR}/private/${KEY_CN}-${NEW_KEY_NAME}.key"
|
_CLIENT_KEY="${OPENVPN_KEY_DIR}/private/${_CLIENT_CN}.key"
|
||||||
else
|
else
|
||||||
_CLIENT_CERT="${OPENVPN_KEY_DIR}/${NEW_KEY_NAME}.crt"
|
_CLIENT_CERT="${OPENVPN_KEY_DIR}/${NEW_KEY_NAME}.crt"
|
||||||
_CLIENT_KEY="${OPENVPN_KEY_DIR}/${NEW_KEY_NAME}.key"
|
_CLIENT_KEY="${OPENVPN_KEY_DIR}/${NEW_KEY_NAME}.key"
|
||||||
@ -333,6 +334,7 @@ echo ""
|
|||||||
echo ""
|
echo ""
|
||||||
echo "Client Key..............: $(basename "$_CLIENT_KEY")"
|
echo "Client Key..............: $(basename "$_CLIENT_KEY")"
|
||||||
echo "Client Cert.............: $(basename "$_CLIENT_CERT")"
|
echo "Client Cert.............: $(basename "$_CLIENT_CERT")"
|
||||||
|
echo "Common Name.............: $_CLIENT_CN"
|
||||||
echo "Key Password............: $KEY_PW"
|
echo "Key Password............: $KEY_PW"
|
||||||
|
|
||||||
info "Going to create \033[37m\033[1m$(basename "$_CLIENT_KEY")/$(basename "$_CLIENT_CERT")\033[m.."
|
info "Going to create \033[37m\033[1m$(basename "$_CLIENT_KEY")/$(basename "$_CLIENT_CERT")\033[m.."
|
||||||
@ -385,7 +387,7 @@ echo -e " \033[32mNow create the key \033[37m${NEW_KEY_NAME}.key\033[32m. This
|
|||||||
echo ""
|
echo ""
|
||||||
echo -e " Enter \033[37m\033[1m${KEY_PW}\033[m for Password"
|
echo -e " Enter \033[37m\033[1m${KEY_PW}\033[m for Password"
|
||||||
if ! $EASYRSA_LAYOUT_NEW ; then
|
if ! $EASYRSA_LAYOUT_NEW ; then
|
||||||
echo -e " Enter \033[37m\033[1m${KEY_CN}-${NEW_KEY_NAME}\033[m as commonName"
|
echo -e " Enter \033[37m\033[1m${_CLIENT_CN}\033[m as commonName"
|
||||||
echo ""
|
echo ""
|
||||||
echo " For all other entries simply type <return> or confirm with 'y'"
|
echo " For all other entries simply type <return> or confirm with 'y'"
|
||||||
fi
|
fi
|
||||||
@ -395,7 +397,7 @@ read ok
|
|||||||
echo ""
|
echo ""
|
||||||
|
|
||||||
if $EASYRSA_LAYOUT_NEW ; then
|
if $EASYRSA_LAYOUT_NEW ; then
|
||||||
${EASY_RSA_DIR}/easyrsa build-client-full ${KEY_CN}-${NEW_KEY_NAME}
|
${EASY_RSA_DIR}/easyrsa build-client-full ${_CLIENT_CN}
|
||||||
else
|
else
|
||||||
${EASY_RSA_DIR}/build-key-pass ${NEW_KEY_NAME}
|
${EASY_RSA_DIR}/build-key-pass ${NEW_KEY_NAME}
|
||||||
fi
|
fi
|
||||||
@ -414,7 +416,7 @@ echononl " Add new key credentials to file ${OPENVPN_BASE_DIR}/keys-created.tx
|
|||||||
cat << EOF >> ${OPENVPN_BASE_DIR}/keys-created.txt
|
cat << EOF >> ${OPENVPN_BASE_DIR}/keys-created.txt
|
||||||
|
|
||||||
key...............: $(basename "$_CLIENT_KEY")
|
key...............: $(basename "$_CLIENT_KEY")
|
||||||
common name.......: $(basename "${_CLIENT_KEY%.*}")
|
common name.......: $_CLIENT_CN
|
||||||
password..........: ${KEY_PW}
|
password..........: ${KEY_PW}
|
||||||
EOF
|
EOF
|
||||||
if [[ $? -eq 0 ]] ; then
|
if [[ $? -eq 0 ]] ; then
|
||||||
@ -724,11 +726,11 @@ fi
|
|||||||
|
|
||||||
if $_copy_to_user_home_dir ; then
|
if $_copy_to_user_home_dir ; then
|
||||||
_home_dir=$(eval echo "~$user_name")
|
_home_dir=$(eval echo "~$user_name")
|
||||||
_target_dir="${_home_dir}/VPN/${KEY_CN}-${NEW_KEY_NAME}"
|
_target_dir="${_home_dir}/VPN/${_CLIENT_CN}"
|
||||||
_failed=false
|
_failed=false
|
||||||
echo ""
|
echo ""
|
||||||
echononl " Copy key material into dir '${_target_dir}'.."
|
echononl " Copy key material into dir '${_target_dir}'.."
|
||||||
mkdir -p "${_home_dir}/VPN/${KEY_CN}-${NEW_KEY_NAME}" > $log_file 2>&1
|
mkdir -p "${_home_dir}/VPN/${_CLIENT_CN}" > $log_file 2>&1
|
||||||
if [[ $? -ne 0 ]] ; then
|
if [[ $? -ne 0 ]] ; then
|
||||||
_failed=true
|
_failed=true
|
||||||
fi
|
fi
|
||||||
@ -748,7 +750,7 @@ if $_copy_to_user_home_dir ; then
|
|||||||
|
|
||||||
# - Configuration for Windows OpenVPN
|
# - Configuration for Windows OpenVPN
|
||||||
# -
|
# -
|
||||||
cp -a "$_client_conf_file" "${_target_dir}/${KEY_CN}-${NEW_KEY_NAME}.ovpn"
|
cp -a "$_client_conf_file" "${_target_dir}/${_CLIENT_CN}.ovpn"
|
||||||
if [[ $? -ne 0 ]] ; then
|
if [[ $? -ne 0 ]] ; then
|
||||||
_failed=true
|
_failed=true
|
||||||
fi
|
fi
|
||||||
@ -766,7 +768,7 @@ if $_copy_to_user_home_dir ; then
|
|||||||
fi
|
fi
|
||||||
cat << EOF > "${_target_dir}/passwd.txt"
|
cat << EOF > "${_target_dir}/passwd.txt"
|
||||||
key...............: $(basename "$_CLIENT_KEY")
|
key...............: $(basename "$_CLIENT_KEY")
|
||||||
common name.......: $(basename "${_CLIENT_KEY%.*}")
|
common name.......: $_CLIENT_CN
|
||||||
password..........: ${KEY_PW}
|
password..........: ${KEY_PW}
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
@ -795,8 +797,8 @@ EOF
|
|||||||
# - with its suffix '.ovpn' is needed.
|
# - with its suffix '.ovpn' is needed.
|
||||||
# -
|
# -
|
||||||
_failed=false
|
_failed=false
|
||||||
echononl " Create zip archive '${KEY_CN}-${NEW_KEY_NAME}.tblk.zip' for MAC OS .."
|
echononl " Create zip archive '${_CLIENT_CN}.tblk.zip' for MAC OS .."
|
||||||
target_macos_tblk_dir="${_target_dir}/${KEY_CN}-${NEW_KEY_NAME}.tblk"
|
target_macos_tblk_dir="${_target_dir}/${_CLIENT_CN}.tblk"
|
||||||
mkdir "$target_macos_tblk_dir" > $log_file 2>&1
|
mkdir "$target_macos_tblk_dir" > $log_file 2>&1
|
||||||
if [[ $? -ne 0 ]] ; then
|
if [[ $? -ne 0 ]] ; then
|
||||||
_failed=true
|
_failed=true
|
||||||
@ -817,12 +819,12 @@ EOF
|
|||||||
if [[ $? -ne 0 ]] ; then
|
if [[ $? -ne 0 ]] ; then
|
||||||
_failed=true
|
_failed=true
|
||||||
fi
|
fi
|
||||||
zip -r "${KEY_CN}-${NEW_KEY_NAME}.tblk.zip" \
|
zip -r "${_CLIENT_CN}.tblk.zip" \
|
||||||
"${KEY_CN}-${NEW_KEY_NAME}.tblk" >> $log_file 2>&1
|
"${_CLIENT_CN}.tblk" >> $log_file 2>&1
|
||||||
if [[ $? -ne 0 ]] ; then
|
if [[ $? -ne 0 ]] ; then
|
||||||
_failed=true
|
_failed=true
|
||||||
fi
|
fi
|
||||||
chown ${user_name}:$user_name "${KEY_CN}-${NEW_KEY_NAME}.tblk.zip" >> $log_file 2>&1
|
chown ${user_name}:$user_name "${_CLIENT_CN}.tblk.zip" >> $log_file 2>&1
|
||||||
if [[ $? -ne 0 ]] ; then
|
if [[ $? -ne 0 ]] ; then
|
||||||
_failed=true
|
_failed=true
|
||||||
fi
|
fi
|
||||||
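Review bot: `_CLIENT_CN` is passed unquoted on the new line `${EASY_RSA_DIR}/easyrsa build-client-full ${_CLIENT_CN}` and is also used as a path component under `${_home_dir}/VPN/`, yet none of the visible hunks restricts the characters in `KEY_CN` or `NEW_KEY_NAME`. Whitespace or glob characters would be word-split into extra easyrsa arguments, and a `/` would place the key directory, `.ovpn` and `.tblk.zip` somewhere other than the intended folder. Since the name is now assigned once, a check directly after the assignment covers every use: `[[ "$_CLIENT_CN" =~ ^[A-Za-z0-9._-]+$ ]] || exit 1`, with the call quoted as `"${EASY_RSA_DIR}/easyrsa" build-client-full "${_CLIENT_CN}"`. The loop that reads `NEW_KEY_NAME` begins outside the hunk and may already validate it, so this is worth confirming; create_key_config.sh builds the same value and would take the same check.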
|
@ -283,9 +283,10 @@ if [ -z "$NEW_KEY_NAME" ]; then
|
|||||||
done
|
done
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
_CLIENT_CN="${KEY_CN}-${NEW_KEY_NAME}"
|
||||||
if $EASYRSA_LAYOUT_NEW ; then
|
if $EASYRSA_LAYOUT_NEW ; then
|
||||||
_CLIENT_CERT="${OPENVPN_KEY_DIR}/issued/${KEY_CN}-${NEW_KEY_NAME}.crt"
|
_CLIENT_CERT="${OPENVPN_KEY_DIR}/issued/${_CLIENT_CN}.crt"
|
||||||
_CLIENT_KEY="${OPENVPN_KEY_DIR}/private/${KEY_CN}-${NEW_KEY_NAME}.key"
|
_CLIENT_KEY="${OPENVPN_KEY_DIR}/private/${_CLIENT_CN}.key"
|
||||||
else
|
else
|
||||||
_CLIENT_CERT="${OPENVPN_KEY_DIR}/${NEW_KEY_NAME}.crt"
|
_CLIENT_CERT="${OPENVPN_KEY_DIR}/${NEW_KEY_NAME}.crt"
|
||||||
_CLIENT_KEY="${OPENVPN_KEY_DIR}/${NEW_KEY_NAME}.key"
|
_CLIENT_KEY="${OPENVPN_KEY_DIR}/${NEW_KEY_NAME}.key"
|
||||||
@ -351,7 +352,7 @@ if getent passwd "$user_name" > /dev/null 2>&1; then
|
|||||||
else
|
else
|
||||||
fatal "User '$user_name' does not exist!"
|
fatal "User '$user_name' does not exist!"
|
||||||
fi
|
fi
|
||||||
_target_dir="${_home_dir}/VPN/${KEY_CN}-${NEW_KEY_NAME}"
|
_target_dir="${_home_dir}/VPN/${_CLIENT_CN}"
|
||||||
|
|
||||||
|
|
||||||
clear
|
clear
|
||||||
@ -364,6 +365,8 @@ echo "Key Name ...............: $NEW_KEY_NAME"
|
|||||||
echo "Client Key..............: $(basename "$_CLIENT_KEY")"
|
echo "Client Key..............: $(basename "$_CLIENT_KEY")"
|
||||||
echo "Client Cert.............: $(basename "$_CLIENT_CERT")"
|
echo "Client Cert.............: $(basename "$_CLIENT_CERT")"
|
||||||
echo "Key Password............: $KEY_PW"
|
echo "Key Password............: $KEY_PW"
|
||||||
|
echo "Common Name.............: $_CLIENT_CN"
|
||||||
|
echo ""
|
||||||
echo "Target directory........: $_target_dir"
|
echo "Target directory........: $_target_dir"
|
||||||
|
|
||||||
info "Going to create configuration for key \033[37m\033[1m${NEW_KEY_NAME}.key\033[m.."
|
info "Going to create configuration for key \033[37m\033[1m${NEW_KEY_NAME}.key\033[m.."
|
||||||
@ -649,7 +652,7 @@ else
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
_failed=false
|
_failed=false
|
||||||
echononl " Copy key material into dir '${_target_dir}/${KEY_CN}-${NEW_KEY_NAME}'.."
|
echononl " Copy key material into dir '${_target_dir}/${_CLIENT_CN}'.."
|
||||||
if [[ -d "${_target_dir}" ]]; then
|
if [[ -d "${_target_dir}" ]]; then
|
||||||
mv "${_target_dir}" "${_target_dir}.$_date" > $log_file 2>&1
|
mv "${_target_dir}" "${_target_dir}.$_date" > $log_file 2>&1
|
||||||
if [[ $? -ne 0 ]] ; then
|
if [[ $? -ne 0 ]] ; then
|
||||||
@ -672,7 +675,7 @@ fi
|
|||||||
if [[ $? -ne 0 ]] ; then
|
if [[ $? -ne 0 ]] ; then
|
||||||
_failed=true
|
_failed=true
|
||||||
fi
|
fi
|
||||||
cp -a "$_client_conf_file" "${_target_dir}/${KEY_CN}-${NEW_KEY_NAME}.ovpn"
|
cp -a "$_client_conf_file" "${_target_dir}/${_CLIENT_CN}.ovpn"
|
||||||
if [[ $? -ne 0 ]] ; then
|
if [[ $? -ne 0 ]] ; then
|
||||||
_failed=true
|
_failed=true
|
||||||
fi
|
fi
|
||||||
@ -690,7 +693,7 @@ if [[ $? -ne 0 ]] ; then
|
|||||||
fi
|
fi
|
||||||
cat << EOF > "${_target_dir}/passwd.txt"
|
cat << EOF > "${_target_dir}/passwd.txt"
|
||||||
key...............: $(basename "$_CLIENT_KEY")
|
key...............: $(basename "$_CLIENT_KEY")
|
||||||
common name.......: $(basename "${_CLIENT_KEY%.*}")
|
common name.......: $_CLIENT_CN
|
||||||
password..........: ${KEY_PW}
|
password..........: ${KEY_PW}
|
||||||
EOF
|
EOF
|
||||||
if [[ $? -ne 0 ]] ; then
|
if [[ $? -ne 0 ]] ; then
|
||||||
@ -719,8 +722,8 @@ fi
|
|||||||
# - with its suffix '.ovpn' is needed.
|
# - with its suffix '.ovpn' is needed.
|
||||||
# -
|
# -
|
||||||
_failed=false
|
_failed=false
|
||||||
echononl " Create zip archive '${KEY_CN}-${NEW_KEY_NAME}.tblk.zip' for MAC OS .."
|
echononl " Create zip archive '${_CLIENT_CN}.tblk.zip' for MAC OS .."
|
||||||
target_macos_tblk_dir="${_target_dir}/${KEY_CN}-${NEW_KEY_NAME}.tblk"
|
target_macos_tblk_dir="${_target_dir}/${_CLIENT_CN}.tblk"
|
||||||
mkdir "$target_macos_tblk_dir" > $log_file 2>&1
|
mkdir "$target_macos_tblk_dir" > $log_file 2>&1
|
||||||
if [[ $? -ne 0 ]] ; then
|
if [[ $? -ne 0 ]] ; then
|
||||||
_failed=true
|
_failed=true
|
||||||
@ -741,12 +744,12 @@ chown -R ${user_name}:$user_name "$target_macos_tblk_dir" >> $log_file 2>&1
|
|||||||
if [[ $? -ne 0 ]] ; then
|
if [[ $? -ne 0 ]] ; then
|
||||||
_failed=true
|
_failed=true
|
||||||
fi
|
fi
|
||||||
zip -r "${KEY_CN}-${NEW_KEY_NAME}.tblk.zip" \
|
zip -r "${_CLIENT_CN}.tblk.zip" \
|
||||||
"${KEY_CN}-${NEW_KEY_NAME}.tblk" >> $log_file 2>&1
|
"${_CLIENT_CN}.tblk" >> $log_file 2>&1
|
||||||
if [[ $? -ne 0 ]] ; then
|
if [[ $? -ne 0 ]] ; then
|
||||||
_failed=true
|
_failed=true
|
||||||
fi
|
fi
|
||||||
chown ${user_name}:$user_name "${KEY_CN}-${NEW_KEY_NAME}.tblk.zip" >> $log_file 2>&1
|
chown ${user_name}:$user_name "${_CLIENT_CN}.tblk.zip" >> $log_file 2>&1
|
||||||
if [[ $? -ne 0 ]] ; then
|
if [[ $? -ne 0 ]] ; then
|
||||||
_failed=true
|
_failed=true
|
||||||
fi
|
fi
|
||||||
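Review bot: The `passwd.txt` heredoc (hunk at -690) writes `${KEY_PW}` in clear text into `${_target_dir}`, the directory that also receives the `.ovpn` and key material, and the visible lines do not set a restrictive mode on the file. Anyone who can read that directory gets the key and its passphrase together, so creating the file under `umask 077` or following the heredoc with `chmod 600 "${_target_dir}/passwd.txt"` would limit it to the owner; the code after the `if [[ $? -ne 0 ]]` is outside the hunk, so an existing chmod cannot be ruled out. build_key-pass.sh writes the same block to `passwd.txt` and to `${OPENVPN_BASE_DIR}/keys-created.txt`. Separately, the changed message `Copy key material into dir '${_target_dir}/${_CLIENT_CN}'` repeats the name, since `_target_dir` already ends in `${_CLIENT_CN}`; `'${_target_dir}'` matches the directory that is actually moved and written.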
|