From bfca571083f633dfe82c9a6afacee7b8992159b0 Mon Sep 17 00:00:00 2001 From: Gunnar Beutner Date: Thu, 17 Oct 2013 15:40:47 +0200 Subject: [PATCH] Fix PKI scripts. --- pki/icinga2-build-ca.in | 2 +- pki/icinga2-build-key.in | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/pki/icinga2-build-ca.in b/pki/icinga2-build-ca.in index 4b806c608..5ca46a896 100644 --- a/pki/icinga2-build-ca.in +++ b/pki/icinga2-build-ca.in @@ -17,4 +17,4 @@ fi echo '01' > $ICINGA_CA/serial touch $ICINGA_CA/index.txt -CN_DEFAULT="Icinga CA" KEY_DIR=$ICINGA_CA openssl req -new -newkey rsa:4096 -x509 -nodes -days 3650 -config openssl.cnf -keyform PEM -keyout ca.key -outform PEM -out ca.crt +CN_DEFAULT="Icinga CA" KEY_DIR=$ICINGA_CA openssl req -config $ICINGA2PKIDIR/openssl.cnf -new -newkey rsa:4096 -x509 -nodes -days 3650 -keyform PEM -keyout $ICINGA_CA/ca.key -outform PEM -out $ICINGA_CA/ca.crt diff --git a/pki/icinga2-build-key.in b/pki/icinga2-build-key.in index 5217451f2..81c18bb91 100644 --- a/pki/icinga2-build-key.in +++ b/pki/icinga2-build-key.in @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash prefix=@prefix@ datarootdir=@datarootdir@ datadir=@datadir@ @@ -21,7 +21,7 @@ if [ ! -f $ICINGA_CA/ca.crt -o ! -f $ICINGA_CA/ca.key ]; then exit 1 fi -CN_DEFAULT=$name KEY_DIR=$ICINGA_CA openssl req -new -newkey rsa:4096 -config openssl.cnf -keyform PEM -keyout $name.key -outform PEM -out $name.csr -nodes && \ - openssl x509 -days 3650 -CA ca.crt -CAkey ca.key -req -in $name.csr -outform PEM -out $name.crt -CAserial serial +CN_DEFAULT=$name KEY_DIR=$ICINGA_CA openssl req -config $ICINGA2PKIDIR/openssl.cnf -new -newkey rsa:4096 -keyform PEM -keyout $ICINGA_CA/$name.key -outform PEM -out $ICINGA_CA/$name.csr -nodes && \ + openssl x509 -days 3650 -CA $ICINGA_CA/ca.crt -CAkey $ICINGA_CA/ca.key -req -in $ICINGA_CA/$name.csr -outform PEM -out $ICINGA_CA/$name.crt -CAserial $ICINGA_CA/serial