# along with this program. If not, see <http://www.gnu.org/licenses/>.
-if [ "x$1" = x ]; then
+set -e
+
+if test "$#" -eq 0; then
echo "Usage: $0 <hostname> [<server-certificate>]"
echo
echo "Add the server certificate <server-certificate> (as .pem file) for "
exit 1
fi
-tempfile=`mktemp` || exit 1
-
-die() {
- rm -f "$tempfile"
- exit 1
-}
+tempfile=`mktemp`
+trap 'rm -f "$tempfile"' EXIT
# Generate server certificate for given host.
echo 'organization = tlsproxy' > "$tempfile"
--load-ca-certificate proxy-ca.pem \
--load-ca-privkey proxy-ca-key.pem \
--template "$tempfile" \
- --outfile "certificate-$1-proxy.pem" || die
+ --outfile "certificate-$1-proxy.pem"
rm "$tempfile"
-if [ "x$2" = x ]; then
- echo please enter server certificate
+if test "x$2" = x; then
+ echo 'Please enter server certificate (Ctrl-D to terminate input).'
cat > "certificate-$1-server.pem"
else
cp "$2" "certificate-$1-server.pem"
# along with this program. If not, see <http://www.gnu.org/licenses/>.
-tempfile=`mktemp` || exit 1
+set -e
-die() {
- rm -f "$tempfile"
- exit 1
-}
+tempfile=`mktemp`
+trap 'rm -f "$tempfile"' EXIT
# Generate proxy CA key file.
-certtool --generate-privkey > proxy-ca-key.pem || die
+certtool --generate-privkey \
+ --outfile proxy-ca-key.pem
# Generate proxy CA.
echo 'cn = tlsproxy CA' > "$tempfile"
echo ca >> "$tempfile"
certtool --generate-self-signed \
--load-privkey proxy-ca-key.pem \
--template "$tempfile" \
- --outfile proxy-ca.pem || die
+ --outfile proxy-ca.pem
# Generate proxy key file.
-certtool --generate-privkey > proxy-key.pem || die
+certtool --generate-privkey \
+ --outfile proxy-key.pem
# Generate proxy "invalid" server certificate. It's used for problematic
# connections.
certtool --generate-self-signed \
--load-privkey proxy-key.pem \
--template "$tempfile" \
- --outfile proxy-invalid.pem || die
+ --outfile proxy-invalid.pem
rm "$tempfile"
ruderich.org/simon / tlsproxy / tlsproxy.git / commitdiff