diff options
author | Anton Luka Šijanec <anton@sijanec.eu> | 2023-11-09 00:49:22 +0100 |
---|---|---|
committer | Anton Luka Šijanec <anton@sijanec.eu> | 2023-11-09 00:49:22 +0100 |
commit | 2ac78dccbc1734b8257d9d6a0b15207c8be5420b (patch) | |
tree | b4c271496c17d725b27c81bf7455839cfa6c06b3 /skripti/sigenca/zahtevaj.sh | |
parent | tehtnica (diff) | |
download | r-2ac78dccbc1734b8257d9d6a0b15207c8be5420b.tar r-2ac78dccbc1734b8257d9d6a0b15207c8be5420b.tar.gz r-2ac78dccbc1734b8257d9d6a0b15207c8be5420b.tar.bz2 r-2ac78dccbc1734b8257d9d6a0b15207c8be5420b.tar.lz r-2ac78dccbc1734b8257d9d6a0b15207c8be5420b.tar.xz r-2ac78dccbc1734b8257d9d6a0b15207c8be5420b.tar.zst r-2ac78dccbc1734b8257d9d6a0b15207c8be5420b.zip |
Diffstat (limited to 'skripti/sigenca/zahtevaj.sh')
-rwxr-xr-x | skripti/sigenca/zahtevaj.sh | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/skripti/sigenca/zahtevaj.sh b/skripti/sigenca/zahtevaj.sh new file mode 100755 index 0000000..8693084 --- /dev/null +++ b/skripti/sigenca/zahtevaj.sh @@ -0,0 +1,24 @@ +#!/bin/bash +set -xeuo pipefail +umask 0077 +if [ ! $# -eq 1 ] +then + cat <<EOF +kot prvi argument bi morali navesti pot do datoteke s CSR, ki ga generirate s skriptom generiraj.sh. +EOF + exit 1 +fi +read -p "vnesite avtorizacijsko kodo (poslana kot AAAA-AAAA-AAAA po fizični pošti): " avt +csr=`cat $1` +p=`rev <<<$0 | cut -d/ -f1 | rev` +t=`mktemp -p "" $p.XXX` # da se shrani odgovor s certom na disk +curl -i -X POST https://www.si-trust.gov.si/SigenCA2/cda-cgi/clientcgi --data-urlencode "reference_number=`openssl asn1parse <<<$csr | grep -A1 commonName | tail -n1 | rev | cut -d: -f1 | rev`" --data-urlencode authcode@<(echo -n $avt) --data-urlencode "retrievedAs=rawDER" --data-urlencode "action=getServerCert" --data-urlencode "pkcs10Request=$csr" --output $t +function napaka () { + echo mogoče se je zgodila napaka pri pridobivanju certifikata. če se je, verjetno zgoraj piše razlog ^^^ +} +grep -P '^\t*<b>' /tmp/zahtevaj.sh.k4O && napaka +[ ! `head -n1 < $t | cut -d\ -f2` = 200 ] && napaka +echo če se certifikat slučajno ni pravilno izluščil iz odziva na standardni izhod, sem izhod shranil v $t +echo -----BEGIN CERTIFICATE----- +grep certCopy $t | cut -d\" -f6 +echo -----END CERTIFICATE----- |