Disable RC4.

[tlsproxy/tlsproxy.git] / src / tlsproxy-add

diff --git a/src/tlsproxy-add b/src/tlsproxy-add
index b57697aa322ae07f7f2262a0cd5942b554b71713..b279c8294f992469912a39d87a0c59ccf473d0bb 100755 (executable)
--- a/src/tlsproxy-add
+++ b/src/tlsproxy-add
@@ -4,7 +4,7 @@
 #
 # Requires certtool (from GnuTLS).
 #
-# Copyright (C) 2011-2013  Simon Ruderich
+# Copyright (C) 2011-2014  Simon Ruderich
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -22,7 +22,7 @@
 
 set -e
 
-if test "$#" -eq 0; then
+if test "$#" -ne 1 && test "$#" -ne 2; then
     echo "Usage: $0 <hostname> [<server-certificate>]"
     echo
     echo "Add the server certificate <server-certificate> (as .pem file) for "
@@ -32,7 +32,7 @@ if test "$#" -eq 0; then
     echo "is read from stdin."
     echo
     echo "The server certificate is NOT validated in any way, you must do "
-    echo "that before using this command or you risk using a insecure "
+    echo "that before using this command or you risk using an insecure "
     echo "certificate!"
     echo
     echo "Must be run in the tlsproxy directory where other configuration "
@@ -49,6 +49,7 @@ echo "cn = $1"                >> "$tempfile"
 echo tls_www_server           >> "$tempfile"
 echo encryption_key           >> "$tempfile"
 echo signing_key              >> "$tempfile"
+echo 'expiration_days = 3650' >> "$tempfile"
 certtool --generate-certificate \
          --load-privkey proxy-key.pem \
          --load-ca-certificate proxy-ca.pem \