[ssl_mgmt] Send email with new fingerprints
This commit is contained in:
parent
27630ea277
commit
4f51528611
|
@ -146,6 +146,15 @@ set_variables ()
|
||||||
opensslCnfFile=openssl.cnf
|
opensslCnfFile=openssl.cnf
|
||||||
rootCAPwdPath=${rootCAPwdPath:-/root/passwords/root_ca}
|
rootCAPwdPath=${rootCAPwdPath:-/root/passwords/root_ca}
|
||||||
managedCerts=${managedCerts:-$(xargs </root/homemade-certs)}
|
managedCerts=${managedCerts:-$(xargs </root/homemade-certs)}
|
||||||
|
notifiedUsers=${notifiedUsers:-}
|
||||||
|
notifySubject=${notifySubject:-'New fingerprint for service $service'}
|
||||||
|
if [ -z "${notifyTemplate:-}" ]
|
||||||
|
then
|
||||||
|
notifyTemplate='Certificate for $service has changed.
|
||||||
|
The fingerprint of the new certificate is:
|
||||||
|
|
||||||
|
$fingerprint'
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
# @param subject the subject line
|
# @param subject the subject line
|
||||||
|
@ -292,6 +301,16 @@ generate_cert ()
|
||||||
echo "No file named $certFile in directory $certDestDir:" >&2
|
echo "No file named $certFile in directory $certDestDir:" >&2
|
||||||
echo "there might be a problem" >&2
|
echo "there might be a problem" >&2
|
||||||
fi
|
fi
|
||||||
|
fingerprint="$(openssl x509 -in "$certPath" -noout -fingerprint)"
|
||||||
|
fingerprint=${fingerprint#*=}
|
||||||
|
if [ -n "$notifiedUsers" ]
|
||||||
|
then
|
||||||
|
eval notifySubject="\"$notifySubject\""
|
||||||
|
eval notifyTemplate="\"$notifyTemplate\""
|
||||||
|
mail -s "$notifySubject" $notifiedUsers <<EOF
|
||||||
|
$notifyTemplate
|
||||||
|
EOF
|
||||||
|
fi
|
||||||
mv $certSubdir/$certFile $certDestDir
|
mv $certSubdir/$certFile $certDestDir
|
||||||
fi
|
fi
|
||||||
cat $keyDestDir/$keyFile $certDestDir/$certFile > $keyDestDir/$keycertFile
|
cat $keyDestDir/$keyFile $certDestDir/$certFile > $keyDestDir/$keycertFile
|
||||||
|
|
|
@ -9,3 +9,4 @@ keyDestDir=$destDir/private
|
||||||
opensslCnfFile=openssl.cnf
|
opensslCnfFile=openssl.cnf
|
||||||
rootCAPwdPath=$workDir/root_ca
|
rootCAPwdPath=$workDir/root_ca
|
||||||
managedCerts=$workDir/managed_certs
|
managedCerts=$workDir/managed_certs
|
||||||
|
notifiedUsers=robotux
|
||||||
|
|
Loading…
Reference in New Issue