Commit Graph

152 Commits

Author SHA1 Message Date
Jérémy Dubois a026f2dbd4 README forgot a line 2022-08-09 15:45:06 +02:00
Jérémy Dubois 6870dbbc37 Update README : how to create or revoke many certificates at once 2022-08-09 15:44:03 +02:00
Jérémy Dubois 480ead3ff2 Merge pull request 'rewrite' (#5) from dev into master
Reviewed-on: #5
2022-04-14 17:20:34 +02:00
Jérémy Dubois 754c3455e0 Release 22.04 2022-04-14 17:20:04 +02:00
Jérémy Dubois d614079138 Update CHANGELOG 2022-04-14 17:15:20 +02:00
Jérémy Dubois 7a034a2a17 Some files must be copied to ansible-roles/openvpn 2022-04-14 16:47:33 +02:00
Jérémy Dubois 42de07cb66 Add version to files that will be copied out of this repo so that we easily know if they will need an update 2022-04-14 16:21:38 +02:00
Jérémy Dubois 992fde0930 Precising that the --end-date hour is in UTC +0 2022-04-14 15:53:59 +02:00
Jérémy Dubois 6165ccec6c Generate CRL only if (re)generating CA 2022-04-14 15:51:07 +02:00
Jérémy Dubois 55e02c6a13 Check if CN already exists only after having asked for user password
Otherwise, with "-p", "--replace-existing" and "--non-interactive", with
CA_PASSWORD set but PASSWORD unset, the existing certificate was revoked but
the new one could'nt be created. Now, PASSWORD must be set or the exisiting
certificate won't be revoked
2022-04-14 15:18:57 +02:00
Jérémy Dubois ba2f553ef4 Do not use --password and --password-file together 2022-04-14 15:01:09 +02:00
Jérémy Dubois 97f1affa1b Create crl file after init of PKI 2022-04-04 18:13:37 +02:00
Jérémy Dubois 14a65fa42d Change SUFFIX to use human readable date instead of epoch 2022-04-04 17:55:37 +02:00
Jérémy Dubois c76b7a02ca Split show_usage for each subcommand, add --version and --help in addition to version and help, update VERSION 2022-04-04 17:37:20 +02:00
Jérémy Dubois 1fa4ff205e Parse date in ISO format rather than US format 2022-04-04 17:01:19 +02:00
Jérémy Dubois 554f6166c9 Forget to delete a debug line 2022-03-29 18:59:09 +02:00
Jérémy Dubois 85c3324713 Update Copyright 2022-03-29 18:48:45 +02:00
Jérémy Dubois 9f13a42355 Handle the case where --days argument is not a number or a negative one
Before this test, the error was displayed but ignored and the certificate was
still created depending on the default_days value in openssl.cnf
2022-03-29 18:42:28 +02:00
Jérémy Dubois abf6fb131c Do not use --end-date and --days together 2022-03-29 18:20:16 +02:00
Jérémy Dubois 191ba257d9 Fix parsing options when no option is given 2022-03-29 18:19:33 +02:00
Jérémy Dubois e42af2183c Fix --non-interactive behavior: there were still some prompts to the user 2022-03-29 18:18:01 +02:00
Jérémy Dubois a640892ecb Syntax: no space before ":" 2022-03-29 18:17:03 +02:00
Jérémy Dubois 6d71a5a177 Fix end-date format depending on system 2022-03-29 18:15:57 +02:00
Jérémy Dubois 047c6e334a Improve README and show_usage 2022-03-29 18:10:47 +02:00
Jérémy Dubois 5f27702f17 Delete ovpn.conf.example unnecessary here
shellpki alone is not enough to install OpenVPN, and the openvpn role provides
the openvpn server configuration
2022-03-29 18:01:23 +02:00
Jérémy Dubois 50fc8c2d21 README file : delete unnecessary leading spaces 2022-03-22 18:11:17 +01:00
Jérémy Dubois d0c6a55538 README file and show_usage function : replace "cert" with "certificate" 2022-03-22 18:08:57 +01:00
Jérémy Dubois da7809f3c0 Update README file and show_usage function : forgotten information 2022-03-22 18:04:03 +01:00
Jérémy Dubois 4a2e5c93f1 Update README file and show_usage function 2022-03-22 18:01:22 +01:00
Jérémy Lecour d48dc132be fix replace-existing and non-interactive confict 2022-03-14 14:40:50 +01:00
Jérémy Dubois 69db5a80aa More conventional "list" parsing 2022-03-14 11:03:36 +01:00
Jérémy Dubois c92f7a5a7e Change ovpn example file to match the openvpn ansible role and wiki 2022-03-14 10:55:28 +01:00
Jérémy Dubois af24b1469d Add nobind option to client config 2022-03-14 10:55:06 +01:00
Jérémy Lecour e8ced03988 add .ovpn example 2022-03-11 14:12:27 +01:00
Jérémy Lecour 4bb24707b0 simplify "list" options parsing 2022-03-11 14:10:53 +01:00
Jérémy Lecour 10edbb19fa init can be "non-interactive" 2022-03-11 14:10:32 +01:00
Jérémy Lecour 6cc29fb1f8 reorder functions 2022-03-11 14:09:58 +01:00
Jérémy Lecour 68e4648694 fix shellcheck violations 2022-03-11 11:44:09 +01:00
Jérémy Lecour 41d0ca261d extract get_real_path function to normalize readlink arguments 2022-03-11 11:38:01 +01:00
Jérémy Lecour 593cf4a9f3 show usage if list has no argument, instead of "set -u" error 2022-03-11 11:36:20 +01:00
Jérémy Dubois 4b2b8a95ff cert-expirations.sh: search for valid certificates in the index file rather than in a directory where files could be deleted with the certificates still being valids 2022-02-18 11:45:12 +01:00
Jérémy Dubois 92ee845207 New script cn-validation.sh for OpenVPN 2021-06-14 14:30:34 +02:00
Jérémy Dubois fb22db8dac cert-expirations.sh => certificates names can contain upper case characters 2021-03-02 10:08:32 +01:00
Jérémy Dubois 0bf2bfe60c cert-expirations.sh : warning about UTC hours 2021-02-08 15:36:31 +01:00
Jérémy Dubois 847694339c cert-expirations.sh => certificates names can contain "_" in it 2020-11-06 11:19:38 +01:00
Jérémy Dubois 9deb73b548 cert-expirations.sh => certificates names can contain "@" in it 2020-11-06 10:53:00 +01:00
Jérémy Dubois ff7737e733 Add backup carp check to cert-expirations.sh 2020-11-06 10:14:03 +01:00
Jérémy Lecour 9f3b0a4cd4 list: better options parsing 2020-10-12 23:49:51 +02:00
Jérémy Lecour 83d0ef2449 "shellpki revoke" can be run interactively or not 2020-10-12 23:38:32 +02:00
Jérémy Lecour c83f210387 default values for variables in tests 2020-10-12 23:27:24 +02:00