From df6d06d84803e9e451a0786474703cceb2d978a4 Mon Sep 17 00:00:00 2001
From: Jeremy Lecour <jlecour@evolix.fr>
Date: Mon, 4 May 2020 23:02:48 +0200
Subject: [PATCH] Add option to revoke the existing certificate when creating
 one.

---
 shellpki | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

diff --git a/shellpki b/shellpki
index 5396874..5ebd8cb 100755
--- a/shellpki
+++ b/shellpki
@@ -327,7 +327,14 @@ create() {
 
         # check if CN already exist
         if [ -f "${CRT_DIR}/${cn}.crt" ]; then
-            error "${cn} already used !"
+            printf "%s already exists, do you revoke and recreate it ? [y/N] " "${cn}"
+            read -r REPLY
+            resp=$(echo "${REPLY}" | tr 'Y' 'y')
+            if [ "${resp}" = "y" ]; then
+                revoke "${cn}"
+            else
+                error "Abort"
+            fi
         fi
 
         # ca sign and generate cert
@@ -346,7 +353,14 @@ create() {
 
         # check if CN already exist
         if [ -f "${CRT_DIR}/${cn}.crt" ]; then
-            error "${cn} already used !"
+            printf "%s already exists, do you revoke and recreate it ? [y/N] " "${cn}"
+            read -r REPLY
+            resp=$(echo "${REPLY}" | tr 'Y' 'y')
+            if [ "${resp}" = "y" ]; then
+                revoke "${cn}"
+            else
+                error "Abort"
+            fi
         fi
 
         # ask for CA passphrase