From c666bdedd1677e655905bf5f45e22aaa3607cfc5 Mon Sep 17 00:00:00 2001 From: oscar Date: Thu, 11 Aug 2022 21:53:53 +1200 Subject: [PATCH] feat(certgen/tls): allow to download cfssl bundles --- custom_tls_cert_gen/generate-custom-tls.sh | 62 ++++++++++++++++------ 1 file changed, 47 insertions(+), 15 deletions(-) diff --git a/custom_tls_cert_gen/generate-custom-tls.sh b/custom_tls_cert_gen/generate-custom-tls.sh index 787524b..4ea63ea 100755 --- a/custom_tls_cert_gen/generate-custom-tls.sh +++ b/custom_tls_cert_gen/generate-custom-tls.sh @@ -2,7 +2,13 @@ set -eu -read -p "Specify the output path: " OUTPUT_PATH +ERROR_COLOR='\033[0;31m'; +HIGHLIGHT_COLOR='\033[0;32m'; +INPUT_COLOR='\033[0;33m'; +NO_COLOR='\033[0m'; + + +read -p "$(echo -e ${INPUT_COLOR}Specify the output path: ${NO_COLOR})" OUTPUT_PATH if [ -z "$OUTPUT_PATH" ]; then OUTPUT_PATH="$(pwd)/output" 
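Review bot: The new prompt `read -p "$(echo -e ${INPUT_COLOR}Specify the output path: ${NO_COLOR})" OUTPUT_PATH` leaves the expansions inside the command substitution unquoted and still reads without `-r`, so any backslash in the typed path is consumed before it reaches `OUTPUT_PATH`. Something like `read -r -p "$(printf '%b' "${INPUT_COLOR}Specify the output path: ${NO_COLOR}")" OUTPUT_PATH` keeps the colour and takes the path literally. The four colour constants are never reassigned in the visible hunks and could be declared `readonly`.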
@@ -13,26 +19,51 @@ if [ -z "$OUTPUT_PATH" ]; then fi if [[ ! -e "$OUTPUT_PATH" ]]; then - printf "$OUTPUT_PATH doesn't exist" + printf "${ERROR_COLOR}${OUTPUT_PATH} doesn't exist.\n"; exit; fi -read -p "Specify the path where the cfssl and cfssljson are placed: " TOOL_PATH +read -p "Do you have cfssl installed?(y/n): " is_cfssl_installed -CFSSLEXE=${TOOL_PATH}/cfssl -CFSSLJSONEXE=${TOOL_PATH}/cfssljson +CFSSLEXE=${OUTPUT_PATH}/cfssl +CFSSLJSONEXE=${OUTPUT_PATH}/cfssljson -echo ${CFSSLEXE} -if [ ! -e "$CFSSLEXE" ]; then - printf "no cfssl found" +if [[ "${is_cfssl_installed}" == "y" || "${is_cfssl_installed}" == "Y" ]]; then + read -p "Specify the path where the cfssl and cfssljson are placed: " TOOL_PATH + + CFSSLEXE=${TOOL_PATH}/cfssl + CFSSLJSONEXE=${TOOL_PATH}/cfssljson + + printf "${HIGHLIGHT_COLOR}Your cfssl binary path is ${CFSSLEXE}${NO_COLOR}\n" + + if [ ! -e "$CFSSLEXE" ]; then + printf "${ERROR_COLOR}no cfssl found.\n"; + exit; + fi + + if [ ! -e "$CFSSLJSONEXE" ]; then + printf "${ERROR_COLOR}no cfssljson found.\n"; + exit; + fi + +else + # Download the cfssl for users + read -p "Specify your platform(darwin/linux/windows): " PLATFORM + + if [ -Z "$PLATFORM" ]; then + printf "${ERROR_COLOR}Platform must be provided.\n"; exit; -fi + fi -if [ ! -e "$CFSSLJSONEXE" ]; then - printf "no cfssljson found" - exit; -fi + printf "${HIGHLIGHT_COLOR}Only amd64 is supported${NO_COLOR}\n" + wget "https://github.com/cloudflare/cfssl/releases/download/v1.6.1/cfssl_1.6.1_${PLATFORM}_amd64" -O "${OUTPUT_PATH}/cfssl" + chmod +x "${OUTPUT_PATH}/cfssl" + wget "https://github.com/cloudflare/cfssl/releases/download/v1.6.1/cfssljson_1.6.1_${PLATFORM}_amd64" -O "${OUTPUT_PATH}/cfssljson" + chmod +x "${OUTPUT_PATH}/cfssljson" + + printf "${HIGHLIGHT_COLOR}Download the cfssl bundle successfully.${NO_COLOR}\n" +fi cd $OUTPUT_PATH @@ -49,7 +80,6 @@ cat <> ${CONFIG_CFSSL_JSON} } } } - EOF read -p "Give a name to the certificate: " CERT_NAME 
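Review bot: The else branch fetches cfssl and cfssljson with wget and marks them executable without any integrity check, and these binaries go on to produce the TLS key material; pin a SHA-256 per platform in the script and verify it before `chmod +x`. In the same branch `[ -Z "$PLATFORM" ]` uses an operator that `test` does not have (`-z` is presumably meant), so the empty-input guard never fires and whatever was typed is interpolated into the download URL; an allow-list `case` over darwin/linux/windows covers both problems. The bare `exit;` after each error message returns the status of the preceding printf, i.e. 0, so a caller cannot detect the failure; `exit 1` plus a trailing `${NO_COLOR}` on those messages would help. The digests in the sketch below are placeholders, and `sha256sum` would need to be `shasum -a 256` on darwin.

```shell
  # … unchanged: PLATFORM prompt …
  case "$PLATFORM" in
    darwin|linux|windows) ;;
    *)
      printf "${ERROR_COLOR}Platform must be darwin, linux or windows.${NO_COLOR}\n" >&2
      exit 1
      ;;
  esac
  # … unchanged: amd64 notice, wget of cfssl and cfssljson …
  # <PINNED_CFSSL_SHA256> / <PINNED_CFSSLJSON_SHA256> are placeholders:
  # record the digests for each supported platform from the upstream release.
  printf '%s  %s\n' "<PINNED_CFSSL_SHA256>" "${OUTPUT_PATH}/cfssl" | sha256sum -c -
  printf '%s  %s\n' "<PINNED_CFSSLJSON_SHA256>" "${OUTPUT_PATH}/cfssljson" | sha256sum -c -
  # Only mark the files executable once both digests have matched.
  chmod +x "${OUTPUT_PATH}/cfssl" "${OUTPUT_PATH}/cfssljson"
```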
@@ -57,4 +87,6 @@ read -p "Give a name to the certificate: " CERT_NAME read -p "Input the hostname(example.org,127.0.0.1): " CERT_HOSTNAME echo '{}' | ${CFSSLEXE} gencert -ca=ldap-ca.pem -ca-key=ldap-ca-key.pem -config=${CONFIG_CFSSL_JSON} \ - -hostname="${CERT_HOSTNAME}" - | ${CFSSLJSONEXE} -bare ${CERT_NAME} \ No newline at end of file + -hostname="${CERT_HOSTNAME}" - | ${CFSSLJSONEXE} -bare ${CERT_NAME} + +printf "${HIGHLIGHT_COLOR}The custom TLS certificates are successfully generated in the path ${OUTPUT_PATH}.${NO_COLOR}\n" \ No newline at end of file
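Review bot: The added success message is printed whenever the last stage of the `gencert | cfssljson` pipeline returns zero, because the `set -eu` visible in the first hunk does not include `pipefail`; a failing `${CFSSLEXE} gencert` may therefore still be followed by "successfully generated". Adding `set -o pipefail` (the script already relies on bash for `[[`) or checking that the expected certificate file exists before printing would close that gap. `${OUTPUT_PATH}` is also placed in the printf format string here and in the messages of the second hunk, so a `%` in the path is read as a directive; passing it as an argument, e.g. `printf '%b%s%b\n' "${HIGHLIGHT_COLOR}" "... in the path ${OUTPUT_PATH}." "${NO_COLOR}"`, avoids that.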