forked from slomkowski/mumsi
-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathmake-client-certs.sh
executable file
·66 lines (55 loc) · 1.3 KB
/
make-client-certs.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
#!/bin/bash
#
# make-client-certs.sh - creates the client certs for registering with Mumble
#
# Usage:
#
# make-client-certs.sh <username>
#
# make-client-certs.sh <userprefix> <count>
#
# Notes:
#
# * The certs are self-signed and are not passphrase protected. Depending on
# the target environment and usage, this may or may not be OK. If you need
# a passphrase, you'll need to hack Mumlib.
#
# * The names are hard-coded in mumsi to match <username>-key.pem and
# <username>-cert.pem. This is done to make it easier to configure multi-line
# functionality.
#
# * When generating files for a series of users, the counter is appended to the
# user name, from '0' to one less than the COUNT.
function usage {
cat <<EOF
Usage:
$0 username
$0 user-prefix count
EOF
exit 1
}
USER="$1"
COUNT="$2"
# In this 'format', the %s is replaced with the user name generated in
# the for loop.
SUBJFMT="/C=DE/ST=HE/L=Ffm/O=Mumble Ext./CN=%s"
if [ -z "$USER" ]; then
usage
fi
if [ -n "$3" ]; then
usage
fi
if [ -z "$COUNT" ]; then
COUNT=1
fi
for ((i=0; i<$COUNT; i++)) {
prefix="${USER}${i}"
subj=$(printf "$SUBJFMT" $prefix)
openssl req \
-nodes \
-new \
-x509 \
-keyout ${prefix}-key.pem \
-out ${prefix}-cert.pem \
-subj "$subj"
}