[ssl_mgmt] Change default to sane values
Now that our installation was migrating to saner places, change default values.
This commit is contained in:
parent
92962f6168
commit
7510335e26
|
@ -135,7 +135,7 @@ set_variables ()
|
||||||
|
|
||||||
. $cnfFilePath
|
. $cnfFilePath
|
||||||
|
|
||||||
workDir=${workDir:-/usr/lib/ssl/CA}
|
workDir=${workDir:-${0%/*/*}/lib/${0##*/}}
|
||||||
csrSubdir=${csrSubdir:-csr}
|
csrSubdir=${csrSubdir:-csr}
|
||||||
certSubdir=${certSubdir:-newcerts}
|
certSubdir=${certSubdir:-newcerts}
|
||||||
keySubdir=${keySubdir:-newkeys}
|
keySubdir=${keySubdir:-newkeys}
|
||||||
|
@ -144,8 +144,12 @@ set_variables ()
|
||||||
CACertPath=${CACertPath:-$certDestDir/ca-cert.pem}
|
CACertPath=${CACertPath:-$certDestDir/ca-cert.pem}
|
||||||
CAKeyPath=${CAKeyPath:-$keyDestDir/ca-key.pem}
|
CAKeyPath=${CAKeyPath:-$keyDestDir/ca-key.pem}
|
||||||
opensslCnfFile=openssl.cnf
|
opensslCnfFile=openssl.cnf
|
||||||
rootCAPwdPath=${rootCAPwdPath:-/root/passwords/root_ca}
|
if [ -z "${rootCAPwdPath:-}" ]
|
||||||
managedCerts=${managedCerts:-$(xargs </root/homemade-certs)}
|
then
|
||||||
|
echo -n "You must set rootCAPwdPath to the file containing" >&2
|
||||||
|
echo " the root CA password"
|
||||||
|
fi
|
||||||
|
managedCerts=${managedCerts:-}
|
||||||
notifiedUsers=${notifiedUsers:-}
|
notifiedUsers=${notifiedUsers:-}
|
||||||
notifySubject=${notifySubject:-'New fingerprint for service $service'}
|
notifySubject=${notifySubject:-'New fingerprint for service $service'}
|
||||||
if [ -z "${notifyTemplate:-}" ]
|
if [ -z "${notifyTemplate:-}" ]
|
||||||
|
@ -330,6 +334,11 @@ main ()
|
||||||
cd $workDir
|
cd $workDir
|
||||||
if [ "${service}" = "all" ]
|
if [ "${service}" = "all" ]
|
||||||
then
|
then
|
||||||
|
if [ -z "$managedCerts" ]
|
||||||
|
then
|
||||||
|
echo -n "You need to set managedCerts for renew" >&2
|
||||||
|
echo " all to work"
|
||||||
|
fi
|
||||||
exit_if_no_access "$managedCerts" "READ"
|
exit_if_no_access "$managedCerts" "READ"
|
||||||
services=""
|
services=""
|
||||||
for service in $managedCerts
|
for service in $managedCerts
|
||||||
|
|
Loading…
Reference in New Issue