diff options
| -rw-r--r-- | scripts/generate-testrepo.pl | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/scripts/generate-testrepo.pl b/scripts/generate-testrepo.pl index 84f1c28f..7b6e222d 100644 --- a/scripts/generate-testrepo.pl +++ b/scripts/generate-testrepo.pl @@ -15,6 +15,7 @@ my $passwd = "fnord"; my $keybits = 2048; my $verbose = 0; my $debug = 1; +my $revoke = 0; sub openssl { print(STDERR join(" ", qw(+ openssl), @_), "\n") @@ -178,6 +179,16 @@ EOF close(F); } +# Revoke old certificates, maybe. + +if ($revoke) { + for my $cert (glob("*/*.pem")) { + my $conf = (split("/", $cert))[0] . ".cnf"; + openssl("ca", "-verbose", "-config", $conf, "-revoke", $cert); + unlink($cert); + } +} + # Run OpenSSL to create the keys and certificates. We generate keys # separately to avoid wasting /dev/random bits if we need to change # the configuration. |