diff options
| author | Richard Levitte <levitte@openssl.org> | 2005-07-04 21:44:19 +0000 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2005-07-04 21:44:19 +0000 |
| commit | b269af68294ac1c82b4622d1d5d0271ed2ee0dd7 (patch) | |
| tree | 7eb4bc98fa7dee69cc7053876a42de294b553b68 /apps | |
| parent | 9273be0795ce6c9b00dbc53af5126b477154d8ea (diff) | |
| download | openssl-b269af68294ac1c82b4622d1d5d0271ed2ee0dd7.tar.gz | |
The private key should never have ended up in newreq.pem.
Now, it ends up in newkey.pem instead.
Diffstat (limited to 'apps')
| -rw-r--r-- | apps/CA.pl.in | 15 | ||||
| -rw-r--r-- | apps/CA.sh | 8 |
2 files changed, 12 insertions, 11 deletions
diff --git a/apps/CA.pl.in b/apps/CA.pl.in index 39f267d313..9c99739092 100644 --- a/apps/CA.pl.in +++ b/apps/CA.pl.in @@ -66,19 +66,19 @@ foreach (@ARGV) { exit 0; } elsif (/^-newcert$/) { # create a certificate - system ("$REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS"); + system ("$REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS"); $RET=$?; - print "Certificate (and private key) is in newreq.pem\n" + print "Certificate is in newcert.pem, private key is in newkey.pem\n" } elsif (/^-newreq$/) { # create a certificate request - system ("$REQ -new -keyout newreq.pem -out newreq.pem $DAYS"); + system ("$REQ -new -keyout newkey.pem -out newreq.pem $DAYS"); $RET=$?; - print "Request (and private key) is in newreq.pem\n"; + print "Request is in newreq.pem, private key is in newkey.pem\n"; } elsif (/^-newreq-nodes$/) { # create a certificate request - system ("$REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS"); + system ("$REQ -new -nodes -keyout newkey.pem -out newreq.pem $DAYS"); $RET=$?; - print "Request (and private key) is in newreq.pem\n"; + print "Request is in newreq.pem, private key is in newkey.pem\n"; } elsif (/^-newca$/) { # if explicitly asked for or it doesn't exist then setup the # directory structure that Eric likes to manage things @@ -118,10 +118,11 @@ foreach (@ARGV) { } elsif (/^-pkcs12$/) { my $cname = $ARGV[1]; $cname = "My Certificate" unless defined $cname; - system ("$PKCS12 -in newcert.pem -inkey newreq.pem " . + system ("$PKCS12 -in newcert.pem -inkey newkey.pem " . "-certfile ${CATOP}/$CACERT -out newcert.p12 " . "-export -name \"$cname\""); $RET=$?; + print "PKCS #12 file is in newcert.p12\n"; exit $RET; } elsif (/^-xsign$/) { system ("$CA -policy policy_anything -infiles newreq.pem"); diff --git a/apps/CA.sh b/apps/CA.sh index 030a11fc25..84d7ec0b33 100644 --- a/apps/CA.sh +++ b/apps/CA.sh @@ -51,15 +51,15 @@ case $i in ;; -newcert) # create a certificate - $REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS + $REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS RET=$? - echo "Certificate (and private key) is in newreq.pem" + echo "Certificate is in newcert.pem, private key is in newkey.pem" ;; -newreq) # create a certificate request - $REQ -new -keyout newreq.pem -out newreq.pem $DAYS + $REQ -new -keyout newkey.pem -out newreq.pem $DAYS RET=$? - echo "Request (and private key) is in newreq.pem" + echo "Request is in newreq.pem, private key is in newkey.pem" ;; -newca) # if explicitly asked for or it doesn't exist then setup the directory |