4 # Outputs the keyfiles to stdout as tar.gz
6 rm -f /tmp
/vpn-mk-client-cert.log
7 exec 2>/tmp
/vpn-mk-client-cert.log
12 echo common_name
=$common_name >&2
14 server_dir
=/etc
/openvpn
15 if [[ -e /etc
/openvpn
/server
]]; then
16 server_dir
=/etc
/openvpn
/server
19 cafile
=$server_dir/ca.crt
22 keyfiles
=(/etc
/openvpn
/easy-rsa
/pki
/{issued
/$common_name.crt
,private
/$common_name.key
})
23 if [[ -e /etc
/openvpn
/easy-rsa
/build-ca
]]; then
25 keyfiles
=(/etc
/openvpn
/easy-rsa
/keys
/$name.
{crt
,key
})
28 if [[ ! -e $cafile ]]; then
29 echo: error no cafile found
at $cafile >/tmp
/errors
34 for x
in ${keyfiles[@]}; do
35 if [[ ! -e $x ]]; then
43 cd /etc
/openvpn
/easy-rsa
45 .
/easyrsa build-client-full
$common_name nopass
>/dev
/null
47 source vars
>/dev
/null
49 { echo -e '\n\n\n\n\n'$common_name'\n\n\n\n\n'; sleep 2; echo -e 'y\ny\n'; } | .
/build-key
$name >/dev
/null
54 cp $cafile $d/$name-ca.crt
57 cp $server_dir/ta.key
$d/$name-ta.key