revoke_key.sh: fix errors old easysrsa layout.
This commit is contained in:
parent
3f24f9a5f0
commit
c8663d51f9
@ -332,30 +332,6 @@ if $EASYRSA_LAYOUT_NEW ; then
|
|||||||
error "$(cat $log_file)"
|
error "$(cat $log_file)"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# ---
|
|
||||||
# - Change group (nogroup) for file 'crl.pem'
|
|
||||||
# ---
|
|
||||||
echononl "Change group (to nogroup) for '${OPENVPN_KEY_DIR}/crl.pem'.."
|
|
||||||
chgrp nogroup "${OPENVPN_KEY_DIR}/crl.pem" > "$log_file" 2>&1
|
|
||||||
if [[ $? -eq 0 ]] ; then
|
|
||||||
echo_ok
|
|
||||||
else
|
|
||||||
echo_failed
|
|
||||||
error "$(cat $log_file)"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# ---
|
|
||||||
# - Change permission (640) for file 'crl.pem'
|
|
||||||
# ---
|
|
||||||
echononl "Change permissions (640) for ${OPENVPN_KEY_DIR}/crl.pem"
|
|
||||||
chmod 644 ${OPENVPN_KEY_DIR}/crl.pem > "$log_file" 2>&1
|
|
||||||
if [[ $? -eq 0 ]] ; then
|
|
||||||
echo_ok
|
|
||||||
else
|
|
||||||
echo_failed
|
|
||||||
error "$(cat $log_file)"
|
|
||||||
fi
|
|
||||||
|
|
||||||
else
|
else
|
||||||
|
|
||||||
# ---
|
# ---
|
||||||
@ -379,18 +355,8 @@ else
|
|||||||
echo -e "\033[32m--\033[m"
|
echo -e "\033[32m--\033[m"
|
||||||
echo ""
|
echo ""
|
||||||
|
|
||||||
#echononl "Change into key directory '$KEY_DIR'.."
|
|
||||||
#cd "$KEY_DIR" > "$log_file" 2>&1
|
|
||||||
#if [[ $? -eq 0 ]] ; then
|
|
||||||
# echo_ok
|
|
||||||
#else
|
|
||||||
# echo_failed
|
|
||||||
# fatal "$(cat $log_file)"
|
|
||||||
#fi
|
|
||||||
|
|
||||||
echononl "Revoke key ${KEY_NAME_TO_REVOKE}.key and update data base .."
|
echononl "Revoke key ${KEY_NAME_TO_REVOKE}.key and update data base .."
|
||||||
#$OPENSSL ca -revoke "${KEY_NAME_TO_REVOKE}.crt" -config "$KEY_CONFIG" > "$log_file" 2>&1
|
$OPENSSL ca -revoke "${_CLIENT_CERT}" -config "$KEY_CONFIG" > "$log_file" 2>&1
|
||||||
$OPENSSL ca -revoke "${_CLIENT_KEY}" -config "$KEY_CONFIG" > "$log_file" 2>&1
|
|
||||||
if [[ $? -eq 0 ]] ; then
|
if [[ $? -eq 0 ]] ; then
|
||||||
echo_ok
|
echo_ok
|
||||||
else
|
else
|
||||||
@ -399,7 +365,6 @@ else
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
echononl "Generate a new CRL -- try to be compatible with intermediate PKIs"
|
echononl "Generate a new CRL -- try to be compatible with intermediate PKIs"
|
||||||
#$OPENSSL ca -gencrl -out "$CRL" -config "$KEY_CONFIG" > "$log_file" 2>&1
|
|
||||||
$OPENSSL ca -gencrl -out "$_CRL" -config "$KEY_CONFIG" > "$log_file" 2>&1
|
$OPENSSL ca -gencrl -out "$_CRL" -config "$KEY_CONFIG" > "$log_file" 2>&1
|
||||||
if [[ $? -eq 0 ]] ; then
|
if [[ $? -eq 0 ]] ; then
|
||||||
echo_ok
|
echo_ok
|
||||||
@ -409,6 +374,30 @@ else
|
|||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# ---
|
||||||
|
# - Change group (nogroup) for file 'crl.pem'
|
||||||
|
# ---
|
||||||
|
echononl "Change group (to nogroup) for '${OPENVPN_KEY_DIR}/crl.pem'.."
|
||||||
|
chgrp nogroup "${_CRL}" > "$log_file" 2>&1
|
||||||
|
if [[ $? -eq 0 ]] ; then
|
||||||
|
echo_ok
|
||||||
|
else
|
||||||
|
echo_failed
|
||||||
|
error "$(cat $log_file)"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# ---
|
||||||
|
# - Change permission (640) for file 'crl.pem'
|
||||||
|
# ---
|
||||||
|
echononl "Change permissions (640) for ${OPENVPN_KEY_DIR}/crl.pem"
|
||||||
|
chmod 640 "${_CRL}" > "$log_file" 2>&1
|
||||||
|
if [[ $? -eq 0 ]] ; then
|
||||||
|
echo_ok
|
||||||
|
else
|
||||||
|
echo_failed
|
||||||
|
error "$(cat $log_file)"
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
# ---
|
# ---
|
||||||
# - Check if Revokation was sucessfully.
|
# - Check if Revokation was sucessfully.
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user