From fffd213c8cba2135afda493d797c41c10354770e Mon Sep 17 00:00:00 2001
From: Othmar Gsenger <otti@anytun.org>
Date: Sat, 12 Apr 2008 11:38:42 +0000
Subject: big svn cleanup

---
 src/openvpn/easy-rsa/revoke-full | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100755 src/openvpn/easy-rsa/revoke-full

(limited to 'src/openvpn/easy-rsa/revoke-full')

diff --git a/src/openvpn/easy-rsa/revoke-full b/src/openvpn/easy-rsa/revoke-full
new file mode 100755
index 0000000..66ea03f
--- /dev/null
+++ b/src/openvpn/easy-rsa/revoke-full
@@ -0,0 +1,29 @@
+#!/bin/sh
+
+# revoke a certificate, regenerate CRL,
+# and verify revocation
+
+CRL=crl.pem
+RT=revoke-test.pem
+
+if test $# -ne 1; then
+        echo "usage: revoke-full <name>";
+        exit 1
+fi
+
+if test $KEY_DIR; then
+       cd $KEY_DIR
+       rm -f $RT
+
+       # revoke key and generate a new CRL
+       openssl ca -revoke $1.crt -config $KEY_CONFIG
+
+       # generate a new CRL
+       openssl ca -gencrl -out $CRL -config $KEY_CONFIG
+       cat ca.crt $CRL >$RT
+    
+       # verify the revocation
+       openssl verify -CAfile $RT -crl_check $1.crt
+else
+       echo you must define KEY_DIR
+fi
-- 
cgit v1.2.3