Skip to content

Commit

Permalink
Create an initial, empty CRL in DER encoding FreeRADIUS#2964
Browse files Browse the repository at this point in the history
  • Loading branch information
@jpereira @alandekok
jpereira authored and alandekok committed Sep 9, 2019
1 parent cbdfe17 commit 92e89e4
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 1 deletion.
1 change: 1 addition & 0 deletions raddb/certs/.gitignore
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
*.p12
*.old
*.attr
*.crl
ca.der
dh
index.txt
Expand Down
7 changes: 6 additions & 1 deletion raddb/certs/Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ all: index.txt serial dh server ca client ocsp
client: rsa/client.pem ecc/client.pem

.PHONY: ca
ca: rsa/ca.der ecc/ca.der
ca: rsa/ca.der ecc/ca.der rsa/ca.crl

.PHONY: server
server: rsa/server.pem rsa/server.vrfy ecc/server.pem ecc/server.vrfy
Expand Down Expand Up @@ -93,6 +93,11 @@ rsa/ca.key rsa/ca.pem: ca.cnf | $(OUTPUT_DIRS)
rsa/ca.der: rsa/ca.pem
openssl x509 -inform PEM -outform DER -in rsa/ca.pem -out rsa/ca.der

rsa/ca.crl: rsa/ca.pem
openssl ca -gencrl -keyfile rsa/ca.key -cert rsa/ca.pem -config ./ca.cnf -out rsa/ca-crl.pem -key $(PASSWORD_CA)
openssl crl -in rsa/ca-crl.pem -outform der -out rsa/ca.crl
@rm -f rsa/ca-crl.pem

rsa/ca.csr: ca.cnf
openssl req -new -x509 -keyout rsa/ca.key -out rsa/ca.csr -config ./ca.cnf -days $(CA_DEFAULT_DAYS)

Expand Down

0 comments on commit 92e89e4

Please sign in to comment.