Mercurial > hg > freeDiameter

changeset 147:de0f9f43d659

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fix, bis
author Sebastien Decugis <sdecugis@nict.go.jp>
date Tue, 22 Dec 2009 13:49:54 +0900
parents 93acf84e7ea9
children 7221f5de0302
files contrib/ca_script2/Makefile contrib/ca_script2/openssl.cnf
diffstat 2 files changed, 7 insertions(+), 5 deletions(-) [+]
line wrap: on
line diff
--- a/contrib/ca_script2/Makefile	Tue Dec 22 13:40:31 2009 +0900
+++ b/contrib/ca_script2/Makefile	Tue Dec 22 13:49:54 2009 +0900
@@ -102,7 +102,7 @@
 	@ln -s ../$(ca) $(DATA_DIR)/$(name)/parent
 	@cat $(DATA_DIR)/$(ca)/public/cachain.pem $(DATA_DIR)/$(name)/public/cacert.pem > $(DATA_DIR)/$(name)/public/cachain.pem
 	@ln -s ../../$(ca)/public/caroot.pem $(DATA_DIR)/$(name)/public/caroot.pem
-	@for CRL in `cd $(DATA_DIR)/$(ca)/public/crl && ls -1`; do ln -sf ../../../$(ca)/public/crl/$(CRL) $(DATA_DIR)/$(name)/public/crl/$(CRL); done
+	@for CRLFILE in `cd $(DATA_DIR)/$(ca)/public/crl && ls -1`; do ln -sf ../../../$(ca)/public/crl/$(CRLFILE) $(DATA_DIR)/$(name)/public/crl/$(CRLFILE); done
 	@$(REMAKE) gencrl ca=$(name)
 
 # Create a new certificate for use in TLS communications and other terminal usages
@@ -148,8 +148,10 @@
 # Regenerate the Certificate Revocation List.
 gencrl:
 	@if [ -z "$(ca)" ]; then echo "Missing parameter. Ex: make gencrl ca=ca.testbed.aaa"; exit 1; fi
-	# Create the CRL (keep the old one?)
+	# Create the CRL
+	@rm -f $(DATA_DIR)/$(ca)/public/crl/local.pem
 	@CA_ROOT_DIR=$(DATA_DIR)/$(ca) openssl ca $(CONFIG) -gencrl -out $(DATA_DIR)/$(ca)/public/crl/$(ca).pem
-	@ln -s crl.pem $(DATA_DIR)/$(ca)/public/`openssl crl -noout -hash < $(DATA_DIR)/$(ca)/public/crl/$(ca).pem`.r0
+	@ln -s $(ca).pem $(DATA_DIR)/$(ca)/public/crl/local.pem
+	@ln -s crl/$(ca).pem $(DATA_DIR)/$(ca)/public/`openssl crl -noout -hash < $(DATA_DIR)/$(ca)/public/crl/$(ca).pem`.r0
 
 # End of file...
--- a/contrib/ca_script2/openssl.cnf	Tue Dec 22 13:40:31 2009 +0900
+++ b/contrib/ca_script2/openssl.cnf	Tue Dec 22 13:49:54 2009 +0900
@@ -60,7 +60,7 @@
 
 dir		= $ENV::CA_ROOT_DIR	# Where everything is kept
 certs		= $dir/public		# Where the issued certs are kept
-crl_dir		= $dir/public		# Where the issued crl are kept
+crl_dir		= $dir/public/crl	# Where the issued crl are kept
 database	= $dir/index.txt	# database index file.
 #unique_subject	= no			# Set to 'no' to allow creation of
 					# several ctificates with same subject.
@@ -69,7 +69,7 @@
 certificate	= $dir/public/cacert.pem 	# The CA certificate
 serial		= $dir/serial 		# The current serial number
 crlnumber	= $dir/crlnumber	# the current crl number
-crl		= $dir/public/crl.pem 		# The current CRL
+crl		= $dir/public/crl/local.pem 		# The current CRL
 private_key	= $dir/private/cakey.pem	# The private key
 x509_extensions	= usr_cert		# The extentions to add to the cert
 					# overwrite with -extensions
"Welcome to our mercurial repository"