File: revoke-full

package info (click to toggle)
openvpn 2.0.9-4etch1
  • links: PTS
  • area: main
  • in suites: etch
  • size: 3,648 kB
  • ctags: 4,608
  • sloc: ansic: 43,568; sh: 4,601; makefile: 205; perl: 55
file content (29 lines) | stat: -rwxr-xr-x 593 bytes parent folder | download | duplicates (7) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
 
#!/bin/sh

# revoke a certificate, regenerate CRL,
# and verify revocation

CRL=crl.pem
RT=revoke-test.pem

if test $# -ne 1; then
        echo "usage: revoke-full <name>";
        exit 1
fi

if test $KEY_DIR; then
       cd $KEY_DIR
       rm -f $RT

       # revoke key and generate a new CRL
       openssl ca -revoke $1.crt -config $KEY_CONFIG

       # generate a new CRL
       openssl ca -gencrl -out $CRL -config $KEY_CONFIG
       cat ca.crt $CRL >$RT
    
       # verify the revocation
       openssl verify -CAfile $RT -crl_check $1.crt
else
       echo you must define KEY_DIR
fi