From: ale <ale@9de0ac56-b551-4d3d-a58d-d429de429fdc>
Date: Thu, 7 Dec 2006 09:39:27 +0000 (+0000)
Subject: dropped -selfsign option; revoke certificates that are re-generated but not expired... 
X-Git-Url: https://v.licheni.net/stack/cam.git/commitdiff_plain/922a15c7009f853accd86c0a8270fb18f0a6ead9

dropped -selfsign option; revoke certificates that are re-generated but not expired; fixes
---

diff --git a/lib/cfg.pyc b/lib/cfg.pyc
index a86d8be..ad590fa 100644
Binary files a/lib/cfg.pyc and b/lib/cfg.pyc differ
diff --git a/lib/gen.py b/lib/gen.py
index 526e52f..42795fe 100644
--- a/lib/gen.py
+++ b/lib/gen.py
@@ -33,6 +33,10 @@ def gen(tag):
 	    ans = raw_input('This certificate seems to exist already (in %s).\nAre you really sure that you want to re-create it? [y/N]  ' % crt_file)
 	    if not ans or ans[0].lower() != 'y':
 		sys.exit(0)
+	    print 'Revoking previous certificate...'
+            openssl('ca', '-config', conf_file, 
+                    '-revoke', public_crt_file)
+	    
 
     # create custom config file
     template(conf_file,
diff --git a/lib/newca.py b/lib/newca.py
index f036552..7519b31 100644
--- a/lib/newca.py
+++ b/lib/newca.py
@@ -47,7 +47,7 @@ def newca():
 	openssl('ca', 
 		'-config', conf_file, '-batch',
 		'-keyfile', ca_key_file,
-		'-extensions', 'v3_ca', '-selfsign',
+		'-extensions', 'v3_ca', 
 		'-out', ca_file,
 		'-infiles', ca_csr_file)
 	openssl('ca', 
diff --git a/lib/utils.pyc b/lib/utils.pyc
index fe39ff8..dbfbb24 100644
Binary files a/lib/utils.pyc and b/lib/utils.pyc differ