cert-gen script echo specific message and exit on each openssl operation fail (#712)

2018-11-15 19:10:46 +04:00 · 2018-11-15 19:10:46 +04:00 · 9af204e609
commit 9af204e609
parent a377777b12
1 changed files with 46 additions and 28 deletions
--- a/bin/cert-gen.sh
+++ b/bin/cert-gen.sh
@ -30,39 +30,57 @@ CA_KEY_PATH=$KEY_DIR/Lamassu_OP_Root_CA.key
 CA_PATH=$CERT_DIR/Lamassu_OP_Root_CA.pem
 SERVER_KEY_PATH=$KEY_DIR/Lamassu_OP.key
 SERVER_CERT_PATH=$CERT_DIR/Lamassu_OP.pem
+red=`tput setaf 1`
+reset=`tput sgr0`
+OPENSSL_ERROR_HINT="Make sure that you have installed openssl 1.0 version"

-openssl genrsa \
-  -out $CA_KEY_PATH \
-  4096 >> $LOG_FILE 2>&1
+print_error () {
+  echo "${red}Error: ${reset} $1"
+  echo $2 # hint
+}

-openssl req \
-  -x509 \
-  -sha256 \
-  -new \
-  -nodes \
-  -key $CA_KEY_PATH \
-  -days 3560 \
-  -out $CA_PATH \
-  -subj "/C=IS/ST=/L=Reykjavik/O=Lamassu Operator CA/CN=lamassu-operator.is" \
-  >> $LOG_FILE 2>&1
+{
+  openssl genrsa \
+    -out $CA_KEY_PATH \
+    4096 >> $LOG_FILE 2>&1
+} || { print_error "openssl genrsa to CA_KEY_PATH failed" "$OPENSSL_ERROR_HINT"; exit 1; }

-openssl genrsa \
-  -out $SERVER_KEY_PATH \
-  4096 >> $LOG_FILE 2>&1
+{
+  openssl req \
+    -x509 \
+    -sha256 \
+    -new \
+    -nodes \
+    -key $CA_KEY_PATH \
+    -days 3560 \
+    -out $CA_PATH \
+    -subj "/C=IS/ST=/L=Reykjavik/O=Lamassu Operator CA/CN=lamassu-operator.is" \
+    >> $LOG_FILE 2>&1
+} || { print_error "openssl req with CA_KEY_PATH failed" "$OPENSSL_ERROR_HINT"; exit 1; }

-openssl req -new \
-  -key $SERVER_KEY_PATH \
-  -out /tmp/Lamassu_OP.csr.pem \
-  -subj "/C=IS/ST=/L=Reykjavik/O=Lamassu Operator/CN=$DOMAIN" \
-  >> $LOG_FILE 2>&1
+{
+  openssl genrsa \
+    -out $SERVER_KEY_PATH \
+    4096 >> $LOG_FILE 2>&1
+} || { print_error "openssl genrsa SERVER_KEY_PATH failed" "$OPENSSL_ERROR_HINT"; exit 1; }

-openssl x509 \
-  -req -in /tmp/Lamassu_OP.csr.pem \
-  -CA $CA_PATH \
-  -CAkey $CA_KEY_PATH \
-  -CAcreateserial \
-  -out $SERVER_CERT_PATH \
-  -days 3650 >> $LOG_FILE 2>&1
+{
+  openssl req -new \
+    -key $SERVER_KEY_PATH \
+    -out /tmp/Lamassu_OP.csr.pem \
+    -subj "/C=IS/ST=/L=Reykjavik/O=Lamassu Operator/CN=$DOMAIN" \
+    >> $LOG_FILE 2>&1
+} || { print_error "openssl req with SERVER_KEY_PATH failed" "$OPENSSL_ERROR_HINT"; exit 1; }
+
+{
+  openssl x509 \
+    -req -in /tmp/Lamassu_OP.csr.pem \
+    -CA $CA_PATH \
+    -CAkey $CA_KEY_PATH \
+    -CAcreateserial \
+    -out $SERVER_CERT_PATH \
+    -days 3650 >> $LOG_FILE 2>&1
+} || { print_error "openssl x509 failed" "$OPENSSL_ERROR_HINT"; exit 1; }

 rm /tmp/Lamassu_OP.csr.pem