Diffstat (limited to 'cepceslib.sh')
-rwxr-xr-xcepceslib.sh19
1 files changed, 12 insertions, 7 deletions
diff --git a/cepceslib.sh b/cepceslib.sh
index b461c1a..4a10b71 100755
--- a/cepceslib.sh
+++ b/cepceslib.sh
@@ -18,14 +18,17 @@
# https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-xcep/3642fda9-8de2-417a-adad-9d368ffe8fc2
# https://medium.com/@fmcalbuquerque/python-elementtree-xml-api-with-dynamic-namespaces-171d9c9f391e
# Improve:
-# use env vars for CN and SANs
+# Use IP.1 if a SAN is an ip address
# Dependencies:
# openssl, python3
# Documentation: README.md
gen_csr() {
- # input env vars: KEYFILE, CSRFILE, TEMPLATE
+ # input env vars: KEYFILE, CSRFILE, TEMPLATE, CN, SANS
_cnf="$( mktemp )"
+ _cn="${CN:-$( hostname -f )}"
+ _san="${SANS:-$( hostname -s )}"
+ _san_list="$( echo "${_san}" | tr ',' '\n' | grep -E '.' | awk '{gsub("^","DNS."NR+1" = ",$0);print;}' )"
cat >"${_cnf}" <<EOFCONF
oid_section = new_oids
[ req ]
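Review bot: `CN` and `SANS` are copied from the environment into the openssl config heredoc with no check on their contents, at the new `_cn=`/`_san=` lines and where `${_cn}` and `${_san_list}` are expanded in the later `CN =` and `[ alt_names ]` hunks. A value containing a newline, `[`, `=`, `#` or `$` is read by openssl as config syntax rather than as a name, so the CSR can carry fields the caller did not intend; how much that matters depends on who sets these variables, which is not visible here. I would reject anything outside hostname characters right after `_san` is set: `case "${_cn},${_san}" in *[!A-Za-z0-9.,*_-]*) echo "gen_csr: invalid character in CN or SANS" >&2; return 1 ;; esac`. That check also refuses spaces after commas in `SANS`, which the `# input env vars` comment should then state. The body of gen_csr continues past this hunk.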
@@ -45,7 +48,7 @@ ST = New York
L = New York
O = Example Organization
# Important value
-CN = $( hostname -f )
+CN = ${_cn}
#emailAddress = noreply@example.com
[ req_ext ]
@@ -56,8 +59,8 @@ certificateTemplateName = ASN1:UTF8STRING:${TEMPLATE}
[ alt_names ]
# Important value
-DNS.1 = $( hostname -f )
-DNS.2 = $( hostname -s )
+DNS.1 = ${_cn}
+${_san_list}
EOFCONF
# generate the csr
openssl req -config "${_cnf}" -new -key "${KEYFILE}" -out "${CSRFILE}"
@@ -104,7 +107,8 @@ EOFCES
submit_ces_request() {
# input env vars: CESURL, CESFILE
# -k for irony
- curl --silent \
+ curl ${VERBOSE:+--verbose} \
+ --silent \
"${CESURL}" \
-H "Content-Type: application/soap+xml" \
-X POST \
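Review bot: The `# input env vars: CESURL, CESFILE` comment was not updated for the new `VERBOSE` switch, and the same applies to `submit_cep_request` in the next hunk. With `--verbose`, curl writes request and response headers to stderr, which may include any `Authorization` header the rest of the command sends; the remaining curl options are outside this hunk, so whether authentication is used cannot be seen here. Suggested comment: `# input env vars: CESURL, CESFILE, VERBOSE (any non-empty value adds --verbose; headers go to stderr, keep that output out of shared logs)`.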
@@ -200,7 +204,8 @@ EOFCEP
submit_cep_request() {
# input env vars: CEPURL, CEPFILE
- curl --silent \
+ curl ${VERBOSE:+--verbose} \
+ --silent \
"${CEPURL}" \
-H "Content-Type: application/soap+xml; charset=utf-8" \
-X POST \
bgstack15