authortv <tv@krebsco.de>2025-04-06 18:21:55 +0200
committertv <tv@krebsco.de>2025-04-06 18:21:55 +0200
commit6931db7d7ecaf831ec08acf9ed9f1a5175804bef (patch)
tree167871930359b2706d3b1879265665f604148b0d /request_cert.sh
initial commit
Diffstat (limited to 'request_cert.sh')
-rw-r--r--request_cert.sh43
1 files changed, 43 insertions, 0 deletions
diff --git a/request_cert.sh b/request_cert.sh
new file mode 100644
index 0000000..a3d37e2
--- /dev/null
+++ b/request_cert.sh
@@ -0,0 +1,43 @@
+#!/usr/bin/bash
+# Usage: request_cert.sh <filename.json>
+# Sample JSON:
+# {
+# "common_name": "",
+# "alt_names": "",
+# "ip_sans": "212.12.255.3,212.12.255.4,213.12.255.3,213.12.255.4",
+# "ttl": "180d"
+
+# }
+#
+# Simple Usage: request_cert.sh -s <fqdn>
+#
+
+if [ -z "${VAULT_TOKEN}" ]; then
+ read -p USER: LDAPUSER
+ read -s -p PASSWORD: LPDAPASSWD
+ VAULT_TOKEN=$( curl -s -X POST -H "Content-Type: application/json" -d "{ \"password\": \"$LPDAPASSWD\"}" https://vault.dings:8200/v1/auth/ldap/login/$LDAPUSER | jq -r ".auth.client_token" )
+ echo $VAULT_TOKEN
+fi
+
+
+if [ -z "$1" ]; then
+ echo "USAGE: $0 -s <fqdn>|<filename>"
+ exit 1
+fi
+
+if [ "$1" == "-s" ]; then
+ CN=$2
+ DATA=$( curl -s --header "X-Vault-Token: $VAULT_TOKEN" --request POST --data "{ \"common_name\": \"$CN\", \"ttl\": \"90d\" }" https://vault.dings:8200/v1/pki_rz_q-ca_2021aa/issue/rz-drv )
+else
+ CN=$( cat $1 | jq -r ".common_name" )
+ DATA=$( curl -s --header "X-Vault-Token: $VAULT_TOKEN" --request POST --data @$1 https://vault.dings:8200/v1/pki_rz_q-ca_2021aa/issue/rz-drv )
+fi
+
+[ -d $CN ] && rm -r $CN
+mkdir $CN || exit 1
+
+echo $DATA > $CN/$CN.json
+echo $DATA | jq -r '.data.certificate' > $CN/$CN.cer
+echo $DATA | jq -r '.data.private_key' > $CN/$CN.key
+echo $DATA | jq -r '.data.ca_chain|join("\n")' > $CN/$CN.ca_chain
+cat $CN/$CN.cer $CN/$CN.ca_chain > $CN/$CN.cer_with_ca_chain
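Review bot: The script exposes the secrets it handles in three places: `echo $VAULT_TOKEN` prints the new token to the terminal, the LDAP password is spliced into curl's `-d` argument (visible in the process list, and a `"` or `\` in it yields malformed or altered JSON), and the `.key` and `.json` files holding the private key are created under the caller's default umask. Separately, `[ -d $CN ] && rm -r $CN` acts on an unquoted value taken from `$2` or the JSON file, so an empty, `null` or slash-containing common name reaches `rm -r` and `mkdir` unchecked. I would drop the echo, build the login body with `jq -n --arg` and send it to curl on stdin, set `umask 077` before anything is written, and validate `CN` before touching the filesystem, as sketched below. The `-s` branch builds its body from `$CN` by the same string concatenation and would benefit from the same `jq -n --arg` treatment.

```shell
umask 077  # key material written below must not be group/world readable

if [ -z "${VAULT_TOKEN}" ]; then
  read -r -p USER: LDAPUSER
  read -r -s -p PASSWORD: LPDAPASSWD
  # jq builds the body and curl reads it from stdin: the password is
  # JSON-escaped and never appears on curl's command line.
  VAULT_TOKEN=$( jq -n --arg password "$LPDAPASSWD" '{password: $password}' \
    | curl -s --fail -X POST -H "Content-Type: application/json" --data @- \
        "https://vault.dings:8200/v1/auth/ldap/login/$LDAPUSER" \
    | jq -r '.auth.client_token // empty' )
  [ -n "$VAULT_TOKEN" ] || { echo "login failed" >&2; exit 1; }
fi

# … unchanged: usage check and certificate request …

# Refuse names that are empty, "null", option-like, or that leave the working directory.
case "$CN" in
  ""|null|.|..|*/*|-*) echo "refusing common name: '$CN'" >&2; exit 1 ;;
esac
[ -d "$CN" ] && rm -r -- "$CN"
mkdir -- "$CN" || exit 1
```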