Commit Graph

152 Commits

Author SHA1 Message Date
Victor LABORIE a01ed24b47 Fix sh compatibility (shellcheck warning) 2018-12-12 18:11:11 +01:00
Victor LABORIE 326664676b Add doc for OpenVPN config file auto-generation 2018-10-24 15:38:31 +02:00
Victor LABORIE 091b32ee73 Add missing param in doc for shellpki init 2018-10-24 15:29:32 +02:00
Victor LABORIE 4092850742 PKIUSER is _shellpki on OpenBSD 2018-10-24 15:28:32 +02:00
Victor LABORIE 39bddf87ae Add documentation for install on OpenBSD 2018-10-24 15:21:43 +02:00
Victor LABORIE 545d251eab Add .swp file to gitignore 2018-10-24 15:20:29 +02:00
Victor LABORIE ba70219688 Add missing arg for cacert creation 2018-08-01 11:03:04 +02:00
Victor LABORIE d176ae28fb Add a delay for auto restart in systemd service 2018-06-27 19:04:59 +02:00
Victor LABORIE 0c7ff3501c Add -ignore_err for openssl ocsp 2018-06-27 19:04:29 +02:00
Victor LABORIE e24f288bfb Use exec for lauch openssl ocsp 2018-06-27 15:29:30 +02:00
Victor LABORIE cf2a667cc3 Add an example of ocspd systemd service 2018-06-27 15:13:42 +02:00
Victor LABORIE 8e9d72071e $USER can be root or $PKIUSER 2018-06-27 14:48:18 +02:00
Victor LABORIE 5f07a5e24c Add an OCSPD responder 2018-06-27 13:48:12 +02:00
Victor LABORIE 75246c956f Force cacert removing when erasing cakey 2018-06-27 12:51:30 +02:00
Victor LABORIE 84bfee7495 TMPDIR must be present 2018-06-27 11:55:19 +02:00
Victor LABORIE e6621cdd9b Init need CommonName for CA 2018-06-27 11:45:03 +02:00
Victor LABORIE 8263ca83e2 Add a Vagrantfile for testing 2018-04-11 14:32:45 +02:00
Victor LABORIE d6469e4e5b Use logger for cn-filter 2018-03-01 16:24:27 +01:00
Victor LABORIE c5ba184692 Add check subcommand for expiration alert 2018-02-21 11:25:00 +01:00
Victor LABORIE 2e2e59790a Fix .ovpn creation, - was missing 2018-02-15 16:33:07 +01:00
Victor LABORIE 3df0ca945b Add cn-filter.sh script for OpenVPN server 2018-02-15 15:22:56 +01:00
Victor LABORIE 0c55b0f285 Add sudo right to README install 2018-01-31 15:15:56 +01:00
Victor LABORIE 690c436dd6 Retrieve vars from openssl.cnf file 2018-01-31 12:43:34 +01:00
Victor LABORIE 8a4b52d1b5 Use -r with read command 2018-01-24 17:29:55 +01:00
Victor LABORIE a4c3a2cf83 Use error function instead of interactive error in main 2018-01-24 15:18:03 +01:00
Victor LABORIE 74cd88c33b List subcommand can filter by valid/revoked cert 2018-01-24 11:43:03 +01:00
Victor LABORIE ef12ea3bb9 Shellpki is no more interactive 2018-01-23 17:22:01 +01:00
Victor LABORIE 1921f9e5e5 Add GPLv2+ licence 2018-01-17 12:32:21 +01:00
Victor LABORIE 771066ff5d Complete refactoring 2018-01-17 12:21:39 +01:00
Victor LABORIE 6684fb4d71 Use 4096 bits for CA key 2018-01-15 17:38:52 +01:00
Jérémy Lecour f8eb22f51e Use available variables 2017-09-11 11:11:22 +02:00
Victor LABORIE 9bca20fc32 Add missing $ on REPLY var 2017-07-20 12:02:15 +02:00
Daniel Jakots f787f4683a remove obsolete file 2017-05-20 23:37:04 -04:00
Daniel Jakots e1ba51dd07 add a README.md 2017-05-20 23:36:47 -04:00
Daniel Jakots c4b4b6b4b2 WWWDIR may not exist and it's fine 2017-05-20 22:45:07 -04:00
Daniel Jakots ce8a5bbed2 retire des3 and use aes 2017-05-20 22:37:07 -04:00
Daniel Jakots 0356d31d9e space vs tabs and trailing white spaces 2017-05-20 22:11:48 -04:00
Daniel Jakots f8be2842f3 fail if there's no openssl.cnf 2017-05-20 22:10:46 -04:00
Daniel Jakots 5f913162af don't hardcode progname 2017-05-20 21:50:23 -04:00
Daniel Jakots 65e4ed5a44 redirect error message to stderr 2017-05-20 21:48:06 -04:00
Daniel Jakots b645e2fd7b replace `` with $() 2017-05-20 21:41:20 -04:00
Benoît S. 1d294c2463 Add v3_ca extension when generating CA. 2017-03-05 15:11:54 +01:00
Benoît S. 6a0f7712b0 Fix bashism. 2017-03-05 13:05:07 +01:00
Benoît S. 5c02c05dcc Added variable to every read call.
Needed for sh, not for bash.
2017-03-05 00:03:08 +01:00
Benoît S. c70498d6bc Dot not use weak ciphers. 2015-07-22 09:56:04 +02:00
Tristan Pilat d80a9876d2 Generation conf inline 2014-12-05 16:28:56 +01:00
Romain Dessort 6b584b62e3 Fix a bug with private key encryption.
openssl req does not have to generate a private key (which is not encrypted,
even if the user wants to) while key is already generated right before.
2013-10-16 16:44:34 +02:00
Romain Dessort a842d23d20 Use 3DES instead of simple DES to encrypt private key. 2013-10-16 16:44:00 +02:00
Romain Dessort 0bb337f56c Add possibility to encrypt private keys. 2013-10-15 14:01:38 +02:00
Romain Dessort b0724c97ea Change generated private key length to 2048 bits. 2013-10-15 12:12:37 +02:00