From: Richard Levitte Date: Mon, 4 Jul 2005 21:44:16 +0000 (+0000) Subject: The private key should never have ended up in newreq.pem. X-Git-Tag: OpenSSL_0_9_8k^2~1947 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=d2e0c81720c2168d27418438095e1f6fa11e3936;p=oweals%2Fopenssl.git The private key should never have ended up in newreq.pem. Now, it ends up in newkey.pem instead. --- diff --git a/apps/CA.pl.in b/apps/CA.pl.in index 5d829c05eb..8ef8ac1c83 100644 --- a/apps/CA.pl.in +++ b/apps/CA.pl.in @@ -68,19 +68,19 @@ foreach (@ARGV) { exit 0; } elsif (/^-newcert$/) { # create a certificate - system ("$REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS"); + system ("$REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS"); $RET=$?; - print "Certificate (and private key) is in newreq.pem\n" + print "Certificate is in newcert.pem, private key is in newkey.pem\n" } elsif (/^-newreq$/) { # create a certificate request - system ("$REQ -new -keyout newreq.pem -out newreq.pem $DAYS"); + system ("$REQ -new -keyout newkey.pem -out newreq.pem $DAYS"); $RET=$?; - print "Request (and private key) is in newreq.pem\n"; + print "Request is in newreq.pem, private key is in newkey.pem\n"; } elsif (/^-newreq-nodes$/) { # create a certificate request - system ("$REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS"); + system ("$REQ -new -nodes -keyout newkey.pem -out newreq.pem $DAYS"); $RET=$?; - print "Request (and private key) is in newreq.pem\n"; + print "Request is in newreq.pem, private key is in newkey.pem\n"; } elsif (/^-newca$/) { # if explicitly asked for or it doesn't exist then setup the # directory structure that Eric likes to manage things @@ -120,10 +120,11 @@ foreach (@ARGV) { } elsif (/^-pkcs12$/) { my $cname = $ARGV[1]; $cname = "My Certificate" unless defined $cname; - system ("$PKCS12 -in newcert.pem -inkey newreq.pem " . + system ("$PKCS12 -in newcert.pem -inkey newkey.pem " . "-certfile ${CATOP}/$CACERT -out newcert.p12 " . "-export -name \"$cname\""); $RET=$?; + print "PKCS #12 file is in newcert.p12\n"; exit $RET; } elsif (/^-xsign$/) { system ("$CA -policy policy_anything -infiles newreq.pem"); diff --git a/apps/CA.sh b/apps/CA.sh index 46e86bf94b..a0b20d85a9 100644 --- a/apps/CA.sh +++ b/apps/CA.sh @@ -53,15 +53,15 @@ case $i in ;; -newcert) # create a certificate - $REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS + $REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS RET=$? - echo "Certificate (and private key) is in newreq.pem" + echo "Certificate is in newcert.pem, private key is in newkey.pem" ;; -newreq) # create a certificate request - $REQ -new -keyout newreq.pem -out newreq.pem $DAYS + $REQ -new -keyout newkey.pem -out newreq.pem $DAYS RET=$? - echo "Request (and private key) is in newreq.pem" + echo "Request is in newreq.pem, private key is in newkey.pem" ;; -newca) # if explicitly asked for or it doesn't exist then setup the directory