You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
The output of openssl x509 -text changed from lines like: O=foo/OU=bar to lines like: O = foo, OU = bar This commit adapts the code to that change. TODO: A machine readable output ought to be used instead.
|3 years ago|
|tests||7 years ago|
|README||8 years ago|
|TODO||8 years ago|
|debian-admin_openssl_howto.html||8 years ago|
|openssl.cnf.in||3 years ago|
|ssl_mgmt||3 years ago|
|ssl_mgmt.conf||8 years ago|
ssl_mgmt is a helper to manage SSL certificates: creation, renewal and removal.
So far, only renewal is supported.
ssl_mgmt refers to certificates through the service they are associated with.
*** EXAMPLES ***
To renew the certificate associated to HTTPS, the command line is:
ssl_mgmt renew https
If you want to renew certificates of all services, you should do:
ssl_mgmt renew all
Note: This suppose that
* all services are listed in managedCerts in the configuration file whether
directly or by setting its value from a file;
* the root CA is already created;
* /usr/local/lib/ssl_mgmt contains an openssl configuration file template
named openssl.cnf.in, a file serial containing a hex number indicating the
number of signed certificates so far, a file index.txt with a list (possibly
empty) of all certificates signed so far and the directories newcerts,
newkeys and csr.
The file system hierarchy assumed is: