isaacpittman-hitachi / rpms / openssl

Forked from rpms/openssl 2 years ago
Clone
450916
#!/bin/bash
450916
450916
if [ $# -eq 0 ]; then
450916
	echo $"Usage: `basename $0` filename" 1>&2
450916
	exit 1
450916
fi
450916
450916
PEM=$1
450916
REQ=`/bin/mktemp /tmp/openssl.XXXXXX`
450916
KEY=`/bin/mktemp /tmp/openssl.XXXXXX`
450916
CRT=`/bin/mktemp /tmp/openssl.XXXXXX`
450916
NEW=${PEM}_
450916
450916
trap "rm -f $REQ $KEY $CRT $NEW" SIGINT
450916
450916
if [ ! -f $PEM ]; then
450916
	echo "$PEM: file not found" 1>&2
450916
	exit 1
450916
fi
450916
450916
let -a SERIAL=0x$(openssl x509 -in $PEM -noout -serial | cut -d= -f2)
450916
let SERIAL++
450916
450916
umask 077
450916
450916
OWNER=`ls -l $PEM | awk '{ printf "%s.%s", $3, $4; }'`
450916
450916
openssl rsa -inform pem -in $PEM -out $KEY
450916
openssl x509 -x509toreq -in $PEM -signkey $KEY -out $REQ
450916
openssl x509 -req -in $REQ -signkey $KEY -set_serial $SERIAL -days 365 \
450916
	-extfile /etc/pki/tls/openssl.cnf -extensions v3_ca -out $CRT
450916
450916
(cat $KEY ; echo "" ; cat $CRT) > $NEW
450916
450916
chown $OWNER $NEW
450916
450916
mv -f $NEW $PEM
450916
450916
rm -f $REQ $KEY $CRT
450916
450916
exit 0
450916