Skip to content

Commit 71799cc

Browse files
d3vilhd3vilh
authored
Merge pull request #36 from d3vilh/easyras+
Easyrsa update
2 parents 4a74671 + 9fed2de commit 71799cc

File tree

2 files changed

+8
-6
lines changed

2 files changed

+8
-6
lines changed

Dockerfile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
# Start from Alpine base image
22
FROM alpine
33
LABEL maintainer="Mr.Philipp <[email protected]>"
4-
LABEL version="0.5.4"
4+
LABEL version="0.5.5"
55

66
# Set the working directory to /opt/app
77
WORKDIR /opt/app

bin/genclient.sh

Lines changed: 7 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
#!/bin/bash
2-
#VERSION 0.3 by [email protected] aka Mr. Philipp
2+
#VERSION 0.4 by [email protected] aka Mr. Philipp. Updated with Easyrsa 3 support.
33
# Exit immediately if a command exits with a non-zero status.
44
set -e
55

@@ -27,7 +27,7 @@ fi
2727
export EASYRSA_BATCH=1 # see https://superuser.com/questions/1331293/easy-rsa-v3-execute-build-ca-and-gen-req-silently
2828

2929
echo 'Patching easy-rsa.3.1.1 openssl-easyrsa.cnf...'
30-
sed -i '/serialNumber_default/d' "$EASY_RSA/pki/openssl-easyrsa.cnf"
30+
sed -i '/serialNumber_default/d' "$EASY_RSA/openssl-easyrsa.cnf"
3131

3232
echo 'Generate client certificate...'
3333
echo -e "Will use following parameters: \nEASYRSA_CERT_EXPIRE: $EASYRSA_CERT_EXPIRE\nEASYRSA_REQ_EMAIL: $EASYRSA_REQ_EMAIL\nEASYRSA_REQ_COUNTRY: $EASYRSA_REQ_COUNTRY\nEASYRSA_REQ_PROVINCE: $EASYRSA_REQ_PROVINCE\nEASYRSA_REQ_CITY: $EASYRSA_REQ_CITY\nEASYRSA_REQ_ORG: $EASYRSA_REQ_ORG\nEASYRSA_REQ_OU: $EASYRSA_REQ_OU"
@@ -38,16 +38,18 @@ cd $EASY_RSA
3838
# Generate certificates
3939
if [[ -z $CERT_PASS ]]; then
4040
echo 'Without password...'
41-
./easyrsa --batch --req-cn="$CERT_NAME" --days="$EASYRSA_CERT_EXPIRE" --req-email="$EASYRSA_REQ_EMAIL" gen-req "$CERT_NAME" nopass subject="/C=$EASYRSA_REQ_COUNTRY/ST=$EASYRSA_REQ_PROVINCE/L=$EASYRSA_REQ_CITY/O=$EASYRSA_REQ_ORG/OU=$EASYRSA_REQ_OU"
41+
./easyrsa --batch --req-cn="$CERT_NAME" --days="$EASYRSA_CERT_EXPIRE" --req-email="$EASYRSA_REQ_EMAIL" gen-req "$CERT_NAME" nopass
42+
#subject="/C=$EASYRSA_REQ_COUNTRY/ST=$EASYRSA_REQ_PROVINCE/L=$EASYRSA_REQ_CITY/O=$EASYRSA_REQ_ORG/OU=$EASYRSA_REQ_OU"
4243
else
4344
echo 'With password...'
4445
# See https://stackoverflow.com/questions/4294689/how-to-generate-an-openssl-key-using-a-passphrase-from-the-command-line
4546
# ... and https://stackoverflow.com/questions/22415601/using-easy-rsa-how-to-automate-client-server-creation-process
4647
# ... and https://github.com/OpenVPN/easy-rsa/blob/master/doc/EasyRSA-Advanced.md
47-
(echo -e '\n') | ./easyrsa --batch --req-cn="$CERT_NAME" --days="$EASYRSA_CERT_EXPIRE" --req-email="$EASYRSA_REQ_EMAIL" --passin=pass:"${CERT_PASS}" --passout=pass:"${CERT_PASS}" gen-req "$CERT_NAME" subject="/C=$EASYRSA_REQ_COUNTRY/ST=$EASYRSA_REQ_PROVINCE/L=$EASYRSA_REQ_CITY/O=$EASYRSA_REQ_ORG/OU=$EASYRSA_REQ_OU"
48+
(echo -e '\n') | ./easyrsa --batch --req-cn="$CERT_NAME" --days="$EASYRSA_CERT_EXPIRE" --req-email="$EASYRSA_REQ_EMAIL" --passin=pass:"${CERT_PASS}" --passout=pass:"${CERT_PASS}" gen-req "$CERT_NAME"
49+
#subject="/C=$EASYRSA_REQ_COUNTRY/ST=$EASYRSA_REQ_PROVINCE/L=$EASYRSA_REQ_CITY/O=$EASYRSA_REQ_ORG/OU=$EASYRSA_REQ_OU"
4850
fi
4951

50-
# Sign request
52+
# Sign request. Bypass "yes" with export EASYRSA_BATCH=1
5153
./easyrsa sign-req client "$CERT_NAME"
5254
# Fix for /name in index.txt
5355

0 commit comments

Comments
 (0)