diff options
| author | Richard Levitte <levitte@openssl.org> | 2005-07-04 21:44:16 +0000 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2005-07-04 21:44:16 +0000 |
| commit | d2e0c81720c2168d27418438095e1f6fa11e3936 (patch) | |
| tree | c585b00343bc5ac59f65d4881f11d1d4daaf84d2 /apps/CA.pl.in | |
| parent | 109080ae48441256cc6702472eb5593183f1232d (diff) | |
The private key should never have ended up in newreq.pem.
Now, it ends up in newkey.pem instead.
Diffstat (limited to 'apps/CA.pl.in')
| -rw-r--r-- | apps/CA.pl.in | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/apps/CA.pl.in b/apps/CA.pl.in index 5d829c05eb..8ef8ac1c83 100644 --- a/apps/CA.pl.in +++ b/apps/CA.pl.in @@ -68,19 +68,19 @@ foreach (@ARGV) { exit 0; } elsif (/^-newcert$/) { # create a certificate - system ("$REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS"); + system ("$REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS"); $RET=$?; - print "Certificate (and private key) is in newreq.pem\n" + print "Certificate is in newcert.pem, private key is in newkey.pem\n" } elsif (/^-newreq$/) { # create a certificate request - system ("$REQ -new -keyout newreq.pem -out newreq.pem $DAYS"); + system ("$REQ -new -keyout newkey.pem -out newreq.pem $DAYS"); $RET=$?; - print "Request (and private key) is in newreq.pem\n"; + print "Request is in newreq.pem, private key is in newkey.pem\n"; } elsif (/^-newreq-nodes$/) { # create a certificate request - system ("$REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS"); + system ("$REQ -new -nodes -keyout newkey.pem -out newreq.pem $DAYS"); $RET=$?; - print "Request (and private key) is in newreq.pem\n"; + print "Request is in newreq.pem, private key is in newkey.pem\n"; } elsif (/^-newca$/) { # if explicitly asked for or it doesn't exist then setup the # directory structure that Eric likes to manage things @@ -120,10 +120,11 @@ foreach (@ARGV) { } elsif (/^-pkcs12$/) { my $cname = $ARGV[1]; $cname = "My Certificate" unless defined $cname; - system ("$PKCS12 -in newcert.pem -inkey newreq.pem " . + system ("$PKCS12 -in newcert.pem -inkey newkey.pem " . "-certfile ${CATOP}/$CACERT -out newcert.p12 " . "-export -name \"$cname\""); $RET=$?; + print "PKCS #12 file is in newcert.p12\n"; exit $RET; } elsif (/^-xsign$/) { system ("$CA -policy policy_anything -infiles newreq.pem"); |