#!/usr/bin/sh #---------------------------------------------------------------------------------- # /var/install/bin/certs-recreate-index - create certificate index file # # Copyright (c) 2001-2025 The Eisfair Team, team(at)eisfair(dot)org # # Creation: 2002-12-01 jed # Last Update: $Id$ # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. #---------------------------------------------------------------------------------- # include eislib . /var/install/include/eislib #exec 2>/tmp/certs-recreate-index-trace-$$.log #set -x #---------------------------------------------------------------------------------- # get certificate information #---------------------------------------------------------------------------------- get_cert_info () { certname="$1" # serial=02 ssl_serial=` ${openssl_bin} x509 -in "${certdir}/${certname}" -serial|grep "^serial"|cut -d'=' -f2` # notAfter=Apr 28 19:07:29 2004 GMT ssl_enddate=`${openssl_bin} x509 -in "${certdir}/${certname}" -enddate|grep "^notAfter"|cut -d'=' -f2` # /C=DE/ST=Nordrhein Westfalen/L=Leverkusen/O=Juergen Edner/OU=Juergen Edner - Email Services/CN=voyager.privatnet.lan ssl_subject=`${openssl_bin} x509 -in "${certdir}/${certname}" -subject|grep "^subject"|cut -d'=' -f2-` } #---------------------------------------------------------------------------------- # get time and date from certificate #---------------------------------------------------------------------------------- get_time_and_date () { # date year_nbr=` echo ${ssl_enddate} | cut -d' ' -f4|cut -c3-` month_txt=`echo ${ssl_enddate} | cut -d' ' -f1` idx=1 for MNAME in Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec do if [ "${month_txt}" = "MNAME" ] then month_nbr=${idx} break fi idx=`expr ${idx} + 1` done day_nbr=`echo ${ssl_enddate} | cut -d' ' -f2` # time time_txt=`echo ${ssl_enddate} | cut -d' ' -f3` hour_nbr=`echo ${time_txt} | cut -d: -f1` min_nbr=` echo ${time_txt} | cut -d: -f2` sec_nbr=` echo ${time_txt} | cut -d: -f3` } #================================================================================== # main #================================================================================== ssldir=/usr/local/ssl certdir=${ssldir}/certs indexfile=$ssldir/index.txt openssl_bin=/usr/bin/openssl if [ -f ${indexfile} ] then mecho --error "The file ${indexfile} already exists. You have to delete it before you can recreate it!" else mecho "recreating ${indexfile} ..." cd ${certdir} # separator set to newline (\n) to handle file names which contain spaces correctly oldifs="${IFS}" IFS=$'\n' filelist=$(find ${certdir} -maxdepth 1 -type f -name "*.pem" -printf '%f\n' | sort) for CNAME in ${filelist} do mecho "- ${certdir}/${CNAME}" get_cert_info "${CNAME}" get_time_and_date # V 040428190729Z 02 unknown /C=DE/ST=Nordrhein Westfalen/L=Leverk printf "V\t${year_nbr}${month_nbr}${day_nbr}${hour_nbr}${min_nbr}${sec_nbr}Z\t\t${ssl_serial}\tunknown\t${ssl_subject}\n" >> ${indexfile} done IFS="${oldifs}" mecho "finished." fi #================================================================================== # End #==================================================================================