aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2008-10-28 05:42:02 +0000
committerjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2008-10-28 05:42:02 +0000
commitd56dec67dd09c8dd088d699c896e3013b5cfb2ef (patch)
treee46ed61c035631d666d5d37f42b31d3f33b4684a
parentSave X509 Subject fields to environment, using the naming convention: (diff)
downloadopenvpn-d56dec67dd09c8dd088d699c896e3013b5cfb2ef.tar.xz
Change to pkitool/openssl.cnf so that calling scripts can
set the KEY_NAME environmental variable to set the "name" X509 subject field in generated certificates. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3460 e7ae566f-a301-0410-adde-c780ea21d3b5
-rwxr-xr-xeasy-rsa/2.0/openssl.cnf6
-rwxr-xr-xeasy-rsa/2.0/pkitool11
2 files changed, 16 insertions, 1 deletions
diff --git a/easy-rsa/2.0/openssl.cnf b/easy-rsa/2.0/openssl.cnf
index a781dda..3e4d3b3 100755
--- a/easy-rsa/2.0/openssl.cnf
+++ b/easy-rsa/2.0/openssl.cnf
@@ -74,6 +74,7 @@ stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
+name = optional
emailAddress = optional
# For the 'anything' policy
@@ -86,6 +87,7 @@ localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
+name = optional
emailAddress = optional
####################################################################
@@ -137,6 +139,9 @@ organizationalUnitName = Organizational Unit Name (eg, section)
commonName = Common Name (eg, your name or your server\'s hostname)
commonName_max = 64
+name = Name
+name_max = 64
+
emailAddress = Email Address
emailAddress_default = $ENV::KEY_EMAIL
emailAddress_max = 40
@@ -144,6 +149,7 @@ emailAddress_max = 40
# JY -- added for batch mode
organizationalUnitName_default = $ENV::KEY_OU
commonName_default = $ENV::KEY_CN
+name_default = $ENV::KEY_NAME
# SET-ex3 = SET extension number 3
diff --git a/easy-rsa/2.0/pkitool b/easy-rsa/2.0/pkitool
index 56e485e..a18b1ae 100755
--- a/easy-rsa/2.0/pkitool
+++ b/easy-rsa/2.0/pkitool
@@ -27,6 +27,9 @@
# Calling scripts can set the certificate organizational
# unit with the KEY_OU environmental variable.
+# Calling scripts can also set the KEY_NAME environmental
+# variable to set the "name" X509 subject field.
+
PROGNAME=pkitool
VERSION=2.0
DEBUG=0
@@ -237,6 +240,11 @@ if [ -z "$KEY_OU" ]; then
KEY_OU=""
fi
+# Set X509 Name string to empty string if undefined
+if [ -z "$KEY_NAME" ]; then
+ KEY_NAME=""
+fi
+
# Set KEY_CN
if [ $DO_ROOT -eq 1 ]; then
if [ -z "$KEY_CN" ]; then
@@ -260,7 +268,7 @@ else
fi
fi
-export CA_EXPIRE KEY_EXPIRE KEY_OU KEY_CN PKCS11_MODULE_PATH PKCS11_PIN
+export CA_EXPIRE KEY_EXPIRE KEY_OU KEY_NAME KEY_CN PKCS11_MODULE_PATH PKCS11_PIN
# Show parameters (debugging)
if [ $DEBUG -eq 1 ]; then
@@ -277,6 +285,7 @@ if [ $DEBUG -eq 1 ]; then
echo KEY_EXPIRE $KEY_EXPIRE
echo CA_EXPIRE $CA_EXPIRE
echo KEY_OU $KEY_OU
+ echo KEY_NAME $KEY_NAME
echo DO_P11 $DO_P11
echo PKCS11_MODULE_PATH $PKCS11_MODULE_PATH
echo PKCS11_SLOT $PKCS11_SLOT