dropped -selfsign option; revoke certificates that are re-generated but not expired...
[stack/cam.git] / lib / gen.py
index 526e52f..42795fe 100644 (file)
@@ -33,6 +33,10 @@ def gen(tag):
            ans = raw_input('This certificate seems to exist already (in %s).\nAre you really sure that you want to re-create it? [y/N]  ' % crt_file)
            if not ans or ans[0].lower() != 'y':
                sys.exit(0)
+           print 'Revoking previous certificate...'
+            openssl('ca', '-config', conf_file, 
+                    '-revoke', public_crt_file)
+           
 
     # create custom config file
     template(conf_file,