[ssl_mgmt] Send email with new fingerprints
This commit is contained in:
parent
27630ea277
commit
4f51528611
|
|
@ -146,6 +146,15 @@ set_variables ()
|
|||
opensslCnfFile=openssl.cnf
|
||||
rootCAPwdPath=${rootCAPwdPath:-/root/passwords/root_ca}
|
||||
managedCerts=${managedCerts:-$(xargs </root/homemade-certs)}
|
||||
notifiedUsers=${notifiedUsers:-}
|
||||
notifySubject=${notifySubject:-'New fingerprint for service $service'}
|
||||
if [ -z "${notifyTemplate:-}" ]
|
||||
then
|
||||
notifyTemplate='Certificate for $service has changed.
|
||||
The fingerprint of the new certificate is:
|
||||
|
||||
$fingerprint'
|
||||
fi
|
||||
}
|
||||
|
||||
# @param subject the subject line
|
||||
|
|
@ -292,6 +301,16 @@ generate_cert ()
|
|||
echo "No file named $certFile in directory $certDestDir:" >&2
|
||||
echo "there might be a problem" >&2
|
||||
fi
|
||||
fingerprint="$(openssl x509 -in "$certPath" -noout -fingerprint)"
|
||||
fingerprint=${fingerprint#*=}
|
||||
if [ -n "$notifiedUsers" ]
|
||||
then
|
||||
eval notifySubject="\"$notifySubject\""
|
||||
eval notifyTemplate="\"$notifyTemplate\""
|
||||
mail -s "$notifySubject" $notifiedUsers <<EOF
|
||||
$notifyTemplate
|
||||
EOF
|
||||
fi
|
||||
mv $certSubdir/$certFile $certDestDir
|
||||
fi
|
||||
cat $keyDestDir/$keyFile $certDestDir/$certFile > $keyDestDir/$keycertFile
|
||||
|
|
|
|||
|
|
@ -9,3 +9,4 @@ keyDestDir=$destDir/private
|
|||
opensslCnfFile=openssl.cnf
|
||||
rootCAPwdPath=$workDir/root_ca
|
||||
managedCerts=$workDir/managed_certs
|
||||
notifiedUsers=robotux
|
||||
|
|
|
|||
Loading…
Reference in New Issue