From 77a9473915b46879bae504dfa3c1c4d0d60fa2e9 Mon Sep 17 00:00:00 2001
From: sarthurdev <965089+sarthurdev@users.noreply.github.com>
Date: Fri, 23 Jul 2021 13:39:14 +0200
Subject: pki: T3642: Add ability to write generated certificates/keys to
specified filenames
---
op-mode-definitions/pki.xml.in | 116 +++++++++++++++++++++++++++++++++++++++--
1 file changed, 112 insertions(+), 4 deletions(-)
(limited to 'op-mode-definitions/pki.xml.in')
diff --git a/op-mode-definitions/pki.xml.in b/op-mode-definitions/pki.xml.in
index 9c6b56a68..a11814c8a 100644
--- a/op-mode-definitions/pki.xml.in
+++ b/op-mode-definitions/pki.xml.in
@@ -20,9 +20,18 @@
+
+
+ Write generated CA certificate into the specified filename
+
+ <filename>
+
+
+ sudo ${vyos_op_scripts_dir}/pki.py --action generate --ca "$7" --sign "$5" --file
+
- Commands for installing generated certificate into running configuration
+ Commands for installing generated CA certificate into running configuration
<certificate name>
@@ -32,9 +41,18 @@
sudo ${vyos_op_scripts_dir}/pki.py --action generate --ca "noname" --sign "$5"
+
+
+ Write generated CA certificate into the specified filename
+
+ <filename>
+
+
+ sudo ${vyos_op_scripts_dir}/pki.py --action generate --ca "$5" --file
+
- Commands for installing generated certificate into running configuration
+ Commands for installing generated CA certificate into running configuration
<CA name>
@@ -54,6 +72,15 @@
Generate self-signed certificate
+
+
+ Write generated self-signed certificate into the specified filename
+
+ <filename>
+
+
+ sudo ${vyos_op_scripts_dir}/pki.py --action generate --certificate "$6" --self-sign --file
+
Commands for installing generated self-signed certificate into running configuration
@@ -74,9 +101,18 @@
+
+
+ Write generated signed certificate into the specified filename
+
+ <filename>
+
+
+ sudo ${vyos_op_scripts_dir}/pki.py --action generate --certificate "$7" --sign "$5" --file
+
- Commands for installing generated certificate into running configuration
+ Commands for installing generated signed certificate into running configuration
<certificate name>
@@ -86,6 +122,15 @@
sudo ${vyos_op_scripts_dir}/pki.py --action generate --certificate "noname" --sign "$5"
+
+
+ Write generated certificate request and key into the specified filename
+
+ <filename>
+
+
+ sudo ${vyos_op_scripts_dir}/pki.py --action generate --certificate "$5" --file
+
Commands for installing generated certificate private key into running configuration
@@ -106,6 +151,15 @@
+
+
+ Write generated CRL into the specified filename
+
+ <filename>
+
+
+ sudo ${vyos_op_scripts_dir}/pki.py --action generate --crl "$4" --file
+
Commands for installing generated CRL into running configuration
@@ -120,6 +174,15 @@
Generate DH parameters
+
+
+ Write generated DH parameters into the specified filename
+
+ <filename>
+
+
+ sudo ${vyos_op_scripts_dir}/pki.py --action generate --dh "$5" --file
+
Commands for installing generated DH parameters into running configuration
@@ -137,6 +200,15 @@
Generate a key pair
+
+
+ Write generated key pair into the specified filename
+
+ <filename>
+
+
+ sudo ${vyos_op_scripts_dir}/pki.py --action generate --keypair "$5" --file
+
Commands for installing generated key pair into running configuration
@@ -159,6 +231,15 @@
Generate OpenVPN shared secret key
+
+
+ Write generated OpenVPN shared secret key into the specified filename
+
+ <filename>
+
+
+ sudo ${vyos_op_scripts_dir}/pki.py --action generate --openvpn "$6" --file
+
Commands for installing generated OpenVPN shared secret key into running configuration
@@ -178,6 +259,15 @@
Generate SSH key
+
+
+ Write generated SSH keys into the specified filename
+
+ <filename>
+
+
+ sudo ${vyos_op_scripts_dir}/pki.py --action generate --ssh "$5" --file
+
Commands for installing generated SSH key into running configuration
@@ -200,6 +290,15 @@
Generate Wireguard key pair for use with server or peer
+
+
+ Write generated Wireguard keys into the specified filename
+
+ <filename>
+
+
+ sudo ${vyos_op_scripts_dir}/pki.py --action generate --wireguard --key "$6" --file
+
Commands for installing generated Wireguard key into running configuration
@@ -217,9 +316,18 @@
Generate pre-shared key for use with a Wireguard peer
+
+
+ Write generated Wireguard PSK into the specified filename
+
+ <filename>
+
+
+ sudo ${vyos_op_scripts_dir}/pki.py --action generate --wireguard --psk "$6" --file
+
- Commands for installing generated Wireguard psk on specified peer into running configuration
+ Commands for installing generated Wireguard PSK on specified peer into running configuration
<peer>
--
cgit v1.2.3