export KEY_NAME=""
# revoke key and generate a new CRL
- $OPENSSL ca -revoke "$1.crt" -config "$KEY_CONFIG"
+ if [ -f "$1.crt" ]; then
+ crtname="$1.crt"
+ elif [ -f "$1.pem" ]; then
+ crtname="$1.pem"
+ else
+ echo "That certificate doesn't exist ($1.crt or $1.pem)"
+ exit
+ fi
+ $OPENSSL ca -revoke "$crtname" -config "$KEY_CONFIG"
# generate a new CRL -- try to be compatible with
# intermediate PKIs
fi
# verify the revocation
- $OPENSSL verify -CAfile "$RT" -crl_check "$1.crt"
+ $OPENSSL verify -CAfile "$RT" -crl_check "$crtname"
else
echo 'Please source the vars script first (i.e. "source ./vars")'
echo 'Make sure you have edited it to reflect your configuration.'