New -newreq-nodes option to CA.pl.

Submitted by: Damien Miller <djm@mindrot.org>
This commit is contained in:
Bodo Möller 2001-01-11 13:23:19 +00:00
parent 10a2975a27
commit d199858e89
3 changed files with 18 additions and 3 deletions

View File

@ -3,6 +3,11 @@
Changes between 0.9.6 and 0.9.7 [xx XXX 2000]
*) New '-newreq-nodes' command option to CA.pl. This is like
'-newreq', but calls 'openssl req' with the '-nodes' option
so that the resulting key is not encrypted.
[Damien Miller <djm@mindrot.org>]
*) New configuration for the GNU Hurd.
[Jonathan Bartlett <johnnyb@wolfram.com> via Richard Levitte]

View File

@ -5,7 +5,7 @@
# things easier between now and when Eric is convinced to fix it :-)
#
# CA -newca ... will setup the right stuff
# CA -newreq ... will generate a certificate request
# CA -newreq[-nodes] ... will generate a certificate request
# CA -sign ... will sign the generated request and output
#
# At the end of that grab newreq.pem and newcert.pem (one has the key
@ -54,7 +54,7 @@ $RET = 0;
foreach (@ARGV) {
if ( /^(-\?|-h|-help)$/ ) {
print STDERR "usage: CA -newcert|-newreq|-newca|-sign|-verify\n";
print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
exit 0;
} elsif (/^-newcert$/) {
# create a certificate
@ -66,6 +66,11 @@ foreach (@ARGV) {
system ("$REQ -new -keyout newreq.pem -out newreq.pem $DAYS");
$RET=$?;
print "Request (and private key) is in newreq.pem\n";
} elsif (/^-newreq-nodes$/) {
# create a certificate request
system ("$REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS");
$RET=$?;
print "Request (and private key) is in newreq.pem\n";
} elsif (/^-newca$/) {
# if explicitly asked for or it doesn't exist then setup the
# directory structure that Eric likes to manage things
@ -143,7 +148,7 @@ foreach (@ARGV) {
}
} else {
print STDERR "Unknown arg $_\n";
print STDERR "usage: CA -newcert|-newreq|-newca|-sign|-verify\n";
print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
exit 1;
}
}

View File

@ -13,6 +13,7 @@ B<CA.pl>
[B<-help>]
[B<-newcert>]
[B<-newreq>]
[B<-newreq-nodes>]
[B<-newca>]
[B<-xsign>]
[B<-sign>]
@ -46,6 +47,10 @@ written to the file "newreq.pem".
creates a new certificate request. The private key and request are
written to the file "newreq.pem".
=item B<-newreq-nowdes>
is like B<-newreq> except that the private key will not be encrypted.
=item B<-newca>
creates a new CA hierarchy for use with the B<ca> program (or the B<-signcert>