Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Shell Script to provide "answers" to SSL Cert Request
Top Forums Shell Programming and Scripting Shell Script to provide "answers" to SSL Cert Request Post 302307491 by azvelocat on Wednesday 15th of April 2009 01:48:49 PM
Old 04-15-2009
Shell Script to provide "answers" to SSL Cert Request
Hello,

I need assistance with creating a shell script to generate SSL Certificate Requests on remote hosts. Below is my stab at this, but I cannot figure out how to pass the requested arguments into the openssl command correctly. I have a major problem with redirecting the "answers" into the openssl cert request. "hostlist" would contain any hosts that need the certificate signed.


Code:
#!/bin/sh
#
Country=US
State=CA
City=San Jose
Organization=Engineering
Host=""
Email=" "
for i in `cat hostlist`
do
  Host="$i" 
  ssh $i "sudo openssl genrsa -rand -des3 -out /tmp/serverkey.$i 1024 -config /use/share/ssl/openssl.cnf"
  echo $Country > /tmp/cert-data
  echo $State >> /tmp/cert-data
  echo $City >> /tmp/cert-data
  echo $Organization >> /tmp/cert-data
  echo $Host >> /tmp/cert-data
  echo $Email >> /tmp/cert-data
  scp /tmp/cert-data certuser@$i:/tmp/cert-data
  ssh $i sudo openssl req -new -key /tmp/serverkey.$i -out /tmp/server.csr.$i -config /usr/share/ssl/openssl.cnf < /tmp/cert-data
done


Once I get that to work, I can scp the /tmp/serverkey.$i to my Cert Authority and sign it.

Thank You.
Last edited by azvelocat; 04-15-2009 at 06:16 PM..
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

how to request a "read" or "delivered" receipt for mails

Dears, I've written a script which allows me to send mails in different formats with different attaches. Now I still want to add a feature to this script. My users would like to be able to receive a "read" or "delivered" receipt for their mails. The script send mails on behalve of an specific... (1 Reply)
Discussion started by: plelie2
1 Replies

2. UNIX for Dummies Questions & Answers

No utpmx entry: you must exec "login" from lowest level "shell"

Hi I have installed solaris 10 on an intel machine. Logged in as root. In CDE, i open terminal session, type login alex (normal user account) and password and i get this message No utpmx entry: you must exec "login" from lowest level "shell" :confused: What i want is: open various... (0 Replies)
Discussion started by: peterpan
0 Replies

3. AIX

"too big" and "not enough memory" errors in shell script

Hi, This is odd, however here goes. There are several shell scripts that run in our production environment AIX 595 LPAR m/c, which has sufficient memory 14GB (physical memory) and horsepower 5CPUs. However from time to time we get the following errors in these shell scripts. The time when these... (11 Replies)
Discussion started by: jerardfjay
11 Replies

4. UNIX for Dummies Questions & Answers

Command Character size limit in the "sh" and "bourne" shell

Hi!!.. I would like to know what is maximum character size for a command in the "sh" or "bourne" shell? Thanks in advance.. Roshan. (1 Reply)
Discussion started by: Roshan1286
1 Replies

5. UNIX for Advanced & Expert Users

Command Character size limit in the "sh" and "bourne" shell

Hi!!.. I would like to know what is maximum character size for a command in the "sh" or "bourne" shell? Thanks in advance.. Roshan. (1 Reply)
Discussion started by: Roshan1286
1 Replies

6. Shell Programming and Scripting

Command Character size limit in the "sh" and "bourne" shell

Hi!!.. I would like to know what is maximum character size for a command in the "sh" or "bourne" shell? Thanks in advance.. Roshan. (1 Reply)
Discussion started by: Roshan1286
1 Replies

7. OS X (Apple)

Weird "security" bahavior with SSL certificates

Hello, I have been attempting to automate the addition of SSL certificates to keychains on a MAC using the "security" command. I've noticed two things, 1 of which I don't understand. 1. If I use something like "security add-trusted-cert -d -k /System/Library/Keychains/SystemRootCertificates... (1 Reply)
Discussion started by: prafulnama
1 Replies

8. Shell Programming and Scripting

script that answers y unless output has a string "STRING" in it

Hi all, I have the following script which I use to chek the output of jobs submitted to a PBS server. #!/bin/sh # #recover.sh # check() { echo "Do you want to proceed?" read answer if ; then echo "... proceeding ..." else echo "--------- Aborting -----------"... (0 Replies)
Discussion started by: faizlo
0 Replies

9. Shell Programming and Scripting

awk command to replace ";" with "|" and ""|" at diferent places in line of file

Hi, I have line in input file as below: 3G_CENTRAL;INDONESIA_(M)_TELKOMSEL;SPECIAL_WORLD_GRP_7_FA_2_TELKOMSEL My expected output for line in the file must be : "1-Radon1-cMOC_deg"|"LDIndex"|"3G_CENTRAL|INDONESIA_(M)_TELKOMSEL"|LAST|"SPECIAL_WORLD_GRP_7_FA_2_TELKOMSEL" Can someone... (7 Replies)
Discussion started by: shis100
7 Replies

10. Shell Programming and Scripting

Bash script - Print an ascii file using specific font "Latin Modern Mono 12" "regular" "9"

Hello. System : opensuse leap 42.3 I have a bash script that build a text file. I would like the last command doing : print_cmd -o page-left=43 -o page-right=22 -o page-top=28 -o page-bottom=43 -o font=LatinModernMono12:regular:9 some_file.txt where : print_cmd ::= some printing... (1 Reply)
Discussion started by: jcdole
1 Replies

LEARN ABOUT CENTOS

ne_ssl_cert_signedby

NE_SSL_CERT_IDENTITY(3) 					neon API reference					   NE_SSL_CERT_IDENTITY(3)

NAME

       ne_ssl_cert_identity, ne_ssl_cert_signedby, ne_ssl_cert_issuer, ne_ssl_cert_subject - functions to access certificate properties

SYNOPSIS

       #include <ne_ssl.h>

       const char *ne_ssl_cert_identity(const ne_ssl_certificate *cert);

       const ne_ssl_certificate *ne_ssl_cert_signedby(const ne_ssl_certificate *cert);

       const ne_ssl_dname *ne_ssl_cert_subject(const ne_ssl_certificate *cert);

       const ne_ssl_dname *ne_ssl_cert_issuer(const ne_ssl_certificate *cert);

DESCRIPTION

       The function ne_ssl_cert_identity retrieves the "identity" of a certificate; for an SSL server certificate, this will be the hostname for
       which the certificate was issued. In PKI parlance, the identity is the common name attribute of the distinguished name of the certificate
       subject.

       The functions ne_ssl_cert_subject and ne_ssl_cert_issuer can be used to access the objects representing the distinguished name of the
       subject and of the issuer of a certificate, respectively.

       If a certificate object is part of a certificate chain, then ne_ssl_cert_signedby can be used to find the certificate which signed a
       particular certificate. For a self-signed certificate or a certificate for which the full chain is not available, this function will return
       NULL.

RETURN VALUE

       ne_ssl_cert_issuer and ne_ssl_cert_subject are guaranteed to never return NULL.	ne_ssl_cert_identity may return NULL if the certificate
       has no specific "identity".  ne_ssl_cert_signedby may return NULL as covered above.

EXAMPLES

       The following function could be used to display information about a given certificate:

	   void dump_cert(const ne_ssl_certificate *cert) {
	     const char *id = ne_ssl_cert_identity(cert);
	     char *dn;

	     if (id)
	       printf("Certificate was issued for '%s'.
", id);

	     dn = ne_ssl_readable_dname(ne_ssl_cert_subject(cert));
	     printf("Subject: %s
", dn);
	     free(dn);

	     dn = ne_ssl_readable_dname(ne_ssl_cert_issuer(cert));
	     printf("Issuer: %s
", dn);
	     free(dn);
	   }

SEE ALSO

       ne_ssl_cert_cmp, ne_ssl_readable_dname

AUTHOR

       Joe Orton <neon@lists.manyfish.co.uk>
	   Author.

COPYRIGHT

neon 0.30.0							   31 July 2013 					   NE_SSL_CERT_IDENTITY(3)
All times are GMT -4. The time now is 05:32 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy