Merge "Don't try to regenerate existing ssl certificates"
This commit is contained in:
Jenkins
Gerrit Code Review
commit
73ad94c9b4
5
lib/tls
5
lib/tls
@ -235,6 +235,8 @@ function make_cert {
|
|||||||
local common_name=$3
|
local common_name=$3
|
||||||
local alt_names=$4
|
local alt_names=$4
|
||||||
|
|
||||||
|
# Only generate the certificate if it doesn't exist yet on the disk
|
||||||
|
if [ ! -r "$ca_dir/$cert_name.crt" ]; then
|
||||||
# Generate a signing request
|
# Generate a signing request
|
||||||
$OPENSSL req \
|
$OPENSSL req \
|
||||||
-sha1 \
|
-sha1 \
|
||||||
@ -260,6 +262,7 @@ function make_cert {
|
|||||||
-out $ca_dir/$cert_name.crt \
|
-out $ca_dir/$cert_name.crt \
|
||||||
-subj "/O=${ORG_NAME}/OU=${ORG_UNIT_NAME} Servers/CN=${common_name}" \
|
-subj "/O=${ORG_NAME}/OU=${ORG_UNIT_NAME} Servers/CN=${common_name}" \
|
||||||
-batch
|
-batch
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -274,6 +277,7 @@ function make_int_CA {
|
|||||||
create_CA_config $ca_dir 'Intermediate CA'
|
create_CA_config $ca_dir 'Intermediate CA'
|
||||||
create_signing_config $ca_dir
|
create_signing_config $ca_dir
|
||||||
|
|
||||||
|
if [ ! -r "$ca_dir/cacert.pem" ]; then
|
||||||
# Create a signing certificate request
|
# Create a signing certificate request
|
||||||
$OPENSSL req -config $ca_dir/ca.conf \
|
$OPENSSL req -config $ca_dir/ca.conf \
|
||||||
-sha1 \
|
-sha1 \
|
||||||
@ -291,6 +295,7 @@ function make_int_CA {
|
|||||||
-in $ca_dir/cacert.csr \
|
-in $ca_dir/cacert.csr \
|
||||||
-out $ca_dir/cacert.pem \
|
-out $ca_dir/cacert.pem \
|
||||||
-batch
|
-batch
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
# Make a root CA to sign other CAs
|
# Make a root CA to sign other CAs
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user