#! /bin/sh
-# Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013 Nicira, Inc.
+# Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013, 2014 Nicira, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
dsaparam=$pkidir/dsaparam.pem
fi
case $log in
- /*) ;;
+ /* | ?:[\\/]*) ;;
*) log=`pwd`/$log ;;
esac
RANDFILE = $dir/private/.rand # random number file
default_days = 3650 # how long to certify for
default_crl_days= 30 # how long before next CRL
-default_md = md5 # md to use
+default_md = sha1 # message digest to use
policy = policy # default policy
email_in_dn = no # Don't add the email into cert DN
name_opt = ca_default # Subject name display option
must_not_exist "$2"
pkidir_must_exist
+ case "$1" in
+ /* | ?:[\\/]*)
+ request_file="$1"
+ ;;
+ *)
+ request_file="`pwd`/$1"
+ ;;
+ esac
+
(cd "$pkidir/${type}ca" &&
- openssl ca -config ca.cnf -batch -in /dev/stdin) \
- < "$1" > "$2.tmp$$" 2>&3
+ openssl ca -config ca.cnf -batch -in "$request_file") \
+ > "$2.tmp$$" 2>&3
mv "$2.tmp$$" "$2"
}
check_type "$arg2"
verify_fingerprint "$arg1-req.pem"
- sign_request "$arg1-req.pem" "$arg2-cert.pem"
+ sign_request "$arg1-req.pem" "$arg1-cert.pem"
elif test "$command" = req+sign; then
one_or_two_args
check_type "$arg2"