diff options
author | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2008-10-28 05:42:02 +0000 |
---|---|---|
committer | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2008-10-28 05:42:02 +0000 |
commit | d56dec67dd09c8dd088d699c896e3013b5cfb2ef (patch) | |
tree | e46ed61c035631d666d5d37f42b31d3f33b4684a | |
parent | Save X509 Subject fields to environment, using the naming convention: (diff) | |
download | openvpn-d56dec67dd09c8dd088d699c896e3013b5cfb2ef.tar.xz |
Change to pkitool/openssl.cnf so that calling scripts can
set the KEY_NAME environmental variable to set the "name"
X509 subject field in generated certificates.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3460 e7ae566f-a301-0410-adde-c780ea21d3b5
-rwxr-xr-x | easy-rsa/2.0/openssl.cnf | 6 | ||||
-rwxr-xr-x | easy-rsa/2.0/pkitool | 11 |
2 files changed, 16 insertions, 1 deletions
diff --git a/easy-rsa/2.0/openssl.cnf b/easy-rsa/2.0/openssl.cnf index a781dda..3e4d3b3 100755 --- a/easy-rsa/2.0/openssl.cnf +++ b/easy-rsa/2.0/openssl.cnf @@ -74,6 +74,7 @@ stateOrProvinceName = match organizationName = match organizationalUnitName = optional commonName = supplied +name = optional emailAddress = optional # For the 'anything' policy @@ -86,6 +87,7 @@ localityName = optional organizationName = optional organizationalUnitName = optional commonName = supplied +name = optional emailAddress = optional #################################################################### @@ -137,6 +139,9 @@ organizationalUnitName = Organizational Unit Name (eg, section) commonName = Common Name (eg, your name or your server\'s hostname) commonName_max = 64 +name = Name +name_max = 64 + emailAddress = Email Address emailAddress_default = $ENV::KEY_EMAIL emailAddress_max = 40 @@ -144,6 +149,7 @@ emailAddress_max = 40 # JY -- added for batch mode organizationalUnitName_default = $ENV::KEY_OU commonName_default = $ENV::KEY_CN +name_default = $ENV::KEY_NAME # SET-ex3 = SET extension number 3 diff --git a/easy-rsa/2.0/pkitool b/easy-rsa/2.0/pkitool index 56e485e..a18b1ae 100755 --- a/easy-rsa/2.0/pkitool +++ b/easy-rsa/2.0/pkitool @@ -27,6 +27,9 @@ # Calling scripts can set the certificate organizational # unit with the KEY_OU environmental variable. +# Calling scripts can also set the KEY_NAME environmental +# variable to set the "name" X509 subject field. + PROGNAME=pkitool VERSION=2.0 DEBUG=0 @@ -237,6 +240,11 @@ if [ -z "$KEY_OU" ]; then KEY_OU="" fi +# Set X509 Name string to empty string if undefined +if [ -z "$KEY_NAME" ]; then + KEY_NAME="" +fi + # Set KEY_CN if [ $DO_ROOT -eq 1 ]; then if [ -z "$KEY_CN" ]; then @@ -260,7 +268,7 @@ else fi fi -export CA_EXPIRE KEY_EXPIRE KEY_OU KEY_CN PKCS11_MODULE_PATH PKCS11_PIN +export CA_EXPIRE KEY_EXPIRE KEY_OU KEY_NAME KEY_CN PKCS11_MODULE_PATH PKCS11_PIN # Show parameters (debugging) if [ $DEBUG -eq 1 ]; then @@ -277,6 +285,7 @@ if [ $DEBUG -eq 1 ]; then echo KEY_EXPIRE $KEY_EXPIRE echo CA_EXPIRE $CA_EXPIRE echo KEY_OU $KEY_OU + echo KEY_NAME $KEY_NAME echo DO_P11 $DO_P11 echo PKCS11_MODULE_PATH $PKCS11_MODULE_PATH echo PKCS11_SLOT $PKCS11_SLOT |