WebSVN – sysadmin_scripts – Diff – /trunk/ssl_certs/deployCert

 #! /usr/bin/env perl
+# copies server certificates to target, then restarts services
+# If called with one parameter (hostname), will copy all .crt
+# and .key files matching hostname (ie, hostname*.crt and
+# hostname*.key.
+#
+# assumes root user on this system can connect to hostname as
+# root.
+#
+# restarts service apache2 on hostname after copy.
+#
+# assumes crt and key files are in $serverCertDir
 use strict;
 use warnings;
+use FindBin;
+use File::Spec;
+use Cwd 'abs_path';
+use File::Basename;
+my $binDir = dirname( abs_path( __FILE__ ) ) . '/';
+my $config = $binDir . "makeCert.conf";
+my $configFile;    # prototype for the domain specific config file
+my $caCRT;         # location of the CA crt file
+my $caKey;         # location of the CA Key file
+my $serverCertDir; # where to put the server certs
+my $certDays;      # number of days a Server certificate is valid for, not used here
+my $caDays;        # number of days a CA is good for
+die "Config File $config not found\n" unless -f $config;
+die "openssl config file $sslConfig not found\n" unless -f $sslConfig;
+# load the config file
+eval `cat $config`;
 my $targetDir = '/etc/certificates/';
 my $remoteCommand = 'chmod 644 /etc/certificates/* && chown root:root /etc/certificates/* && service apache2 reload';
 my $hostname = shift;
 my $certname = shift;
-die "Usage: $0 hostname certname\n" unless $hostname && $certname;
+die "Usage: $0 hostname [certname]\n" unless $hostname;
+$certname .= '*' unless $certname;
-`scp $certname.crt $certname.key $hostname:$targetDir`;
+`scp $serverCertDir$certname.crt $serverCertDir$certname.key $hostname:$targetDir`;
 `ssh $hostname '$remoteCommand'`;
 print "$hostname updated and web server restarted\n";
 ;

Subversion Repositories sysadmin_scripts

(root)/trunk/ssl_certs/deployCert – Rev 179 → 182