server_dir=/etc/openvpn/server
fi
-cafile=$server_dir/ca.crt
+cafile=$server_dir/ca-$name.crt
+### begin section roughly copied from vpn-server-setup
+rsadir=/etc/openvpn/easy-rsa-$name
new=true
-keyfiles=(/etc/openvpn/easy-rsa/pki/{issued/$common_name.crt,private/$common_name.key})
-if [[ -e /etc/openvpn/easy-rsa/build-ca ]]; then
+keyfiles=(
+ $rsadir/pki/private/$common_name.key
+ $rsadir/pki/issued/$common_name.crt
+)
+if [[ -e /etc/openvpn/easy-rsa-$name/build-ca ]]; then
new=false
- keyfiles=(/etc/openvpn/easy-rsa/keys/$name.{crt,key})
+ keyfiles=(
+ $rsadir/keys/$common_name.key
+ $rsadir/keys/$common_name.crt
+ )
fi
+### end section roughly copied from vpn-server-setup
if [[ ! -e $cafile ]]; then
echo: error no cafile found at $cafile >/tmp/errors
if ! $exists; then
- cd /etc/openvpn/easy-rsa
+ cd /etc/openvpn/easy-rsa-$name
if $new; then
./easyrsa build-client-full $common_name nopass >/dev/null
else
fi
d=$(mktemp -d)
-cp $cafile $d/$name-ca.crt
-cp ${keyfiles[@]} $d
-
-cp $server_dir/ta.key $d/$name-ta.key
+cp $server_dir/ta-$name.key $cafile $d
+for f in ${keyfiles[@]}; do
+ cp $f $d/$name.${f##*.}
+done
tar cz -C $d .
rm -rf $d
iankelling.org / git / vpn-setup / blobdiff